LifterLMS Version 3.35.0

Security Notice
  • Fixed a security vulnerability disclosed by the WordPress plugin review team. Please upgrade immediately!
  • Explicitly setting css and js file versions for various static assets..
  • Added data sanitization methods in various form handlers.
  • Added nonce verification to various form handlers.
Bug fixes
  • Fixed some translation strings that had literal variables instead of placeholders.
  • Fixed undefined index error encountered when attempting to email a voucher export.
  • Fixed undefined index error when PHP file upload errors are encountered during a course import.

The following unused classes have been marked as deprecated and will be removed from LifterLMS in the next major release.

  • LLMSAnalyticsMemberships
  • LLMSAnalyticsCourses
  • LLMSAnalyticsSales
  • LLMSMetaBox_Expiration
  • LLMSMetaBox_Video
Template Updates

LifterLMS Version 3.34.5

  • Fixed logic issues preventing pending orders from being completed.
Templates Changed
  • [checkout/form-confirm-payment.php](

LifterLMS Version 3.34.4

  • Add a new admin settings field type, “keyval”, used for displaying custom html alongside a setting.
  • Added filter llms_order_can_be_confirmed.
  • Always bind JS for the login form handler on checkout and registration screens.
Templates Changed
LifterLMS REST API v1.0.0-beta.6
  • Fix issue causing certain webhooks to not trigger as a result of action load order.
  • Change “access_plans” to “Access Plans” for better human reading.

LifterLMS Version 3.34.3

  • During payment gateway order completion, use llms_redirect_and_exit() instead of wp_redirect() and exit().
LifterLMS REST API v1.0.0-beta.5
  • Load all required files and functions when authentication is triggered.
  • Access $_SERVER variables via filter_var instead of llms_filter_input to work around PHP bug

LifterLMS Version 3.34.2

LifterLMS REST API v1.0.0-beta.4
  • Load authentication handlers as early as possible. Fixes conflicts with numerous plugins which load user information earlier than expected by the WordPress core.
  • Harden permissions associated with viewing student enrollment information.
  • Returns a 400 Bad Request when invalid dates are supplied.
  • Student Enrollment objects return student and post id’s as integers instead of strings.
  • Fixed references to an undefined function.

LifterLMS Version 3.34.1

  • Update LifterLMS REST to v1.0.0-beta.3
Interface and Experience improvements during API Key creation
  • Better expose that API Keys are never shown again after the initial creation.
  • Allow downloading of API Credentials as a .txt file.
  • Add required properties to required fields.
  • Added the ability to CRUD webhooks via the REST API.
  • Conditionally throw _doing_it_wrong on server controller stubs.
  • Improve performance by returning early when errors are encountered for various methods.
  • Utilizes a new custom property show_in_llms_rest to determine if taxonomies should be displayed in the LifterLMS REST API.
  • On the webhooks table the “Delivery URL” is trimmed to 40 characters to improve table readability.
Bug fixes
  • Fixed a formatting error when creating webhooks with the default auto-generated webhook name.
  • On the webhooks table a translatable string is output for the status instead of the database value.
  • Fix an issue causing the “Last” page pagination link to display for lists with 0 possible results.
  • Don’t output the “Last” page pagination link on the last page.

LifterLMS Version 3.34.0

LifterLMS REST API v1.0.0-beta.1
  • A robust REST API is now included in the LifterLMS core.
  • Create API Keys to consume and manage LifterLMS resources and students from external applications.
  • Create webhooks to pass LifterLMS resource data to external applications (like Zapier!).
  • The full API specification can be found at
Student management capabilities
  • Explicit capabilities have been added to determine which users can create, view, update, and delete students.
  • Admins and LMS Managers have all student management capabilities.
  • Instructors and instructors assistants are granted limited view capabilities allowing them to only view students enrolled in their own courses/memberships.
  • Added the list_users capability to the “Instructor” role, allowing instructor’s to better view and manage their assistant instructors.
  • The new capabilities are: create_students, view_students, view_others_students, edit_students, edit_others_students, delete_students, & delete_others_students.
  • Added new actions to help differentiate enrollment creation and update events.
  • Added methods and logic for managing user management of other users.
  • Added a filter llms_table_get_table_classes to LifterLMS admin tables which allows customization of the CSS classes applied to the <table> elements. Thanks @pondermatic!
  • Added a filter llms_install_get_schema to the database schema to allow 3rd parties to run table installations alongside the core.
  • Added the ability to pull “raw” (unfiltered) data from the database via classes extending the LLMS_Post_Model abstract.
  • Added a bulk_set() method to the LLMS_Post_Model abstract allowing the updating of multiple properties in one command.
  • Added comment_status, ping_status, date_gmt, modified_gmt, menu_order, post_password as gettable\settable post properties via the LLMS_Post_Model abstract.
  • Links on reporting tables are now the proper color.
  • The editable_roles filter which determines which roles can manage which other roles is now always loaded (instead of being loaded only on the admin panel).
  • Updated LifterLMS Blocks to 1.5.2
Bug Fixes
  • Fixed an issue preventing the user_url property from being retrieved by the get() method of the LLMS_Abstract_User_Data class.
  • Fixed an issue causing the LLMS_Instructors::get_assistants() method to return assistants for the currently logged in user instead of the instructor of the instantiated object.
  • Fixed an issue which would allow LMS Managers to edit and delete site administrators.

The following functions and methods have been marked as deprecated and will be removed from LifterLMS with the next major release.

  • LLMSCourse::getchildrensections() use LLMSCourse::get_sections( ‘posts’ )” instead
  • LLMSCourse::getchildrenlessons() use LLMSCourse::get_lessons( ‘posts’ )” instead
  • LLMSCourse::getauthor()
  • LLMSCourse::getauthorid() use LLMSCourse::get( “author” ) instead
  • LLMSCourse::getauthor_name()
  • LLMSCourse::getsku() use LLMS_Course::get( “sku” ) instead
  • LLMSCourse::getid() use LLMS_Course::get( “id” ) instead
  • LLMSCourse::gettitle() use getthetitle() instead
  • LLMSCourse::getpermalink() use get_permalink() instead
  • LLMSCourse::getuserpostmetadata()
  • LLMSCourse::getuserpostmetasby_key()
  • LLMSCourse::getcheckout_url()
  • LLMSCourse::getstartdate() use LLMSCourse::getdate( “startdate” ) instead
  • LLMSCourse::getenddate() use LLMSCourse::getdate( “enddate” ) instead
  • LLMSCourse::getnextuncompletedlesson()
  • LLMSCourse::getlessonids() use LLMSCourse::get_lessons( “ids” ) instead
  • LLMSCourse::getsyllabussections() use LLMSCourse::get_sections() instead
  • LLMSCourse::getshortdescription() use LLMSCourse::get( “excerpt” ) instead
  • LLMSCourse::getsyllabus() use LLMSCourse::getsections() instead
  • LLMSCourse::getuserenrolldate()
  • LLMSCourse::getuserpostdata()
  • LLMSCourse::checkenrollment()
  • LLMSCourse::isuserenrolled() use llmsisuserenrolled() instead
  • LLMSCourse::getstudentprogress() use LLMSStudent::get_progress() instead
  • LLMSCourse::getmembership_link()

LifterLMS Version 3.33.2

  • It is now possible to send test copies of the “Student Welcome” email to yourself.
  • Improved information logged when an error is encountered during an email send.
  • Add backwards compatibility for legacy add-on integrations priority loading method.
  • Fixed undefined index notice when viewing log files on the admin status screen.

LifterLMS Version 3.33.1

  • Added method to retrieve the load priority of integrations.
  • The capabilities used to determine if uses can clone and export courses now check edit_course instead of edit_post.
Bug Fixes
  • Fixed an issue which would cause the “Net Sales” line to sometimes display as a bar on the sales revenue reporting chart.
  • Fixed an issue causing a PHP notice to be logged when viewing the sales reporting screen.
  • Fixed an issue causing backslashes to be added before quotation marks in access plan descriptions.
  • Integration classes are now loaded in the order defined by the integration class.
  • Fixed an issue causing a PHP error when viewing the admin logs screen when no logs exist.

LifterLMS Version 3.33.0

  • Added the ability for site administrators to delete (completely remove) enrollment records from the database.
  • Catalogs sorted by Order (menu_order) now have an additional sort (by post title) to improve ordering consistency for items with the same order, thanks @pondermatic!
  • Hooks in the dashboard order review template now pass the LLMS_Order.
LifterLMS Blocks
  • Updated to version 1.5.1
  • All blocks are now registered only for post types where they can actually be used.
  • Only register block visibility settings on static blocks. Fixes an issue causing core (or 3rd party) dynamic blocks from being managed within the block editor.
Bug Fixes
  • If an enrolled student accesses checkout for a course/membership they’re already enrolled in they will be shown a message stating as much.
  • Removed a redundant check for the existence of an order on the dashboard order review template.
  • When an order is deleted, student enrollment records for that order will be removed. This fixes an issue causing admins to not be able to manage the enrollment status of a student enrolled via a deleted order.
  • Fix issue causing errors when using the [lifterlms_lesson_mark_complete] shortcode on course post types.
  • Fixed an issue causing quiz questions to generate publicly accessible permalinks which could be indexed by search engines.
Templates Changed