WPLMS LEARNDASH MIGRATION Security & Risk Analysis
wordpress.org/plugins/wplms-learndash-migrationWPLMS Learndash Migrate helps users to migrate all Learndash courses to WPLMS courses
Is WPLMS LEARNDASH MIGRATION Safe to Use in 2026?
Generally Safe
Score 85/100WPLMS LEARNDASH MIGRATION has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "wplms-learndash-migration" v1.1 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals no critical or high severity taint flows, a clean vulnerability history with no recorded CVEs, and a controlled attack surface consisting solely of AJAX handlers, all of which appear to have nonce checks. There are also no file operations or external HTTP requests, which are common vectors for attack.
However, several significant concerns are present. The most alarming is that 100% of the SQL queries are not using prepared statements, which is a major risk for SQL injection vulnerabilities, especially given the total number of queries. Additionally, none of the identified output points are properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The complete lack of capability checks on the entry points is also a serious oversight, meaning that any authenticated user, regardless of their role, could potentially trigger these AJAX actions, leading to privilege escalation or unauthorized data manipulation.
While the absence of known vulnerabilities is a positive indicator, it doesn't negate the inherent risks identified in the code. The presence of raw SQL and unescaped output, coupled with a lack of capability checks, creates significant potential for exploitation, even if no past vulnerabilities have been publicly disclosed. The overall security can be considered moderately risky due to these fundamental coding practice deficiencies.
Key Concerns
- SQL queries without prepared statements
- Output points not properly escaped
- No capability checks on entry points
WPLMS LEARNDASH MIGRATION Security Vulnerabilities
WPLMS LEARNDASH MIGRATION Code Analysis
SQL Query Safety
Output Escaping
WPLMS LEARNDASH MIGRATION Attack Surface
AJAX Handlers 4
WordPress Hooks 2
Maintenance & Trust
WPLMS LEARNDASH MIGRATION Maintenance & Trust
Maintenance Signals
Community Trust
WPLMS LEARNDASH MIGRATION Alternatives
WPLMS CLEVERCOURSE MIGRATION
wplms-clevercourse-migration
WPLMS Clevercourse Migrate helps users to migrate all Clevercourse courses to WPLMS courses
WPLMS COURSEWARE MIGRATION
wplms-courseware-migration
WPLMS Courseware Migrate helps users to migrate all Courseware courses to WPLMS courses
WPLMS LEARNPRESS MIGRATION
wplms-learnpress-migration
WPLMS Learnpress Migrate helps users to migrate all Learnpress courses to WPLMS courses
All-in-One WP Migration and Backup
all-in-one-wp-migration
Trusted by 60M+ sites: The gold standard for WordPress migration and backup. Migrate, backup, and restore your WordPress site with one click.
ManageWP Worker
worker
A better way to manage dozens of WordPress websites.
WPLMS LEARNDASH MIGRATION Developer Profile
20 plugins · 4K total installs
How We Detect WPLMS LEARNDASH MIGRATION
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wplms-learndash-migration/assets/css/wplms-learndash-migration.css/wp-content/plugins/wplms-learndash-migration/assets/js/wplms-learndash-migration.js/wp-content/plugins/wplms-learndash-migration/assets/js/wplms-learndash-migration.jswplms-learndash-migration/assets/css/wplms-learndash-migration.css?ver=wplms-learndash-migration/assets/js/wplms-learndash-migration.js?ver=HTML / DOM Fingerprints
migration_learndash_courses_revertupdate-nagmigration_learndash_courseserrorwplms_ld_progressbarid="migration_learndash_courses_revert"id="revert_message"id="begin_revert_migration"id="dismiss_message"id="welcome_ld_panel"id="migration_learndash_courses"+2 moreajaxurljQuery