LifterLMS Version 3.37.15

Posted in
Security Notice

This releases fixes a security issue. Please upgrade immediately!

Props to Omri Herscovici and Sagi Tzadik from Check Point Research who found and disclosed the vulnerability resolved in this release.

Updates & Bug Fixes
  • Excluded page.* events in order to keep the events table small.
  • Fixed error encountered when errors encountered validating custom fields. Thanks to @wenchen!
  • Fixed issue causing course pagination issues in certain scenarios.
LifterLMS REST API Version 1.0.0-beta.11
  • Bugfix: Correctly store user billing_postcode meta data.
  • Bugfix: Fixed issue preventing course.created (and other post.created) webhooks from firing.

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Comments

    Chris Sealey Avatar

    can you provide some more detail on the security issue? We have a lot of custom code around the LifterLms, so updating does require some effort.


    1. Comments

      Thomas Patrick Levy Avatar

      Test your update in a staging site if you’re worried about your custom code breaking: https://lifterlms.com/docs/staging/

      If you require more information or assistance please open a support request via https://lifterlms.com/my-account/my-tickets