LifterLMS 3.35.1 rolled out on Wednesday this week. It contains an important security release. It fixes a security issue discovered by the WordPress plugin review team on Tuesday.
Props to the WordPress plugin review team for their work on this matter and their commitment to the highest possible levels of security for WordPress.
At LifterLMS we moved into action immediately and fixed the issue with the release of LifterLMS 3.35. We recommend you update your version of LifterLMS immediately. If you have any questions at all, please submit a support ticket, or post on the WordPress support forums for LifterLMS.
Also we take every possible security issue seriously. But we are not aware of anyone or any website actually affected by the issue. Though as a general practice when any plugin, theme, or WordPress itself releases a security update, like we have here, the best practice is to update your plugins, themes, and WordPress version as soon as possible. Then do a visual scan of your site and check your posts, pages, users, and other content for any abnormalities. If you would like to go deeper with a security audit of your website, we recommend consulting with a WordPress security expert or service.
I apologize for any inconvenience this situation may cause you. LifterLMS is committed to the highest levels of security for your website. We also took this opportunity to implement more advanced coding standards to increase our security practices and quality control systems. In addition we conducted a security review of the entire LifterLMS codebase.
Thanks again to the WordPress plugin review team volunteers for identifying this issue and working with us to resolve the matter quickly. I’m grateful for their commitment to the highest security standards possible in WordPress.