14 matches found
WordPress Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin <= 3.8.1 - Unauthenticated Insecure Direct Object Reference to Private Topic Disclosure vulnerability
Unauthenticated Insecure Direct Object Reference to Private Topic Disclosure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Academy LMS versions = 3.8.1...
CVE-2026-39598
CVE-2026-39598 concerns WordPress Academy LMS Pro plugin (pre-3.5.2). The vulnerability is an Unrestricted Upload of File with a Dangerous Type, enabling an attacker to upload a web shell to the web server. Affected: Academy LMS Pro prior to 3.5.2. CVSS 3.1 metrics indicate NETWORK attack Vector,...
CVE-2026-25372 WordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through = 3.5.3...
CVE-2026-25372
CVE-2026-25372 affects the Academy LMS WordPress plugin (
WordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Academy LMS versions = 3.5.3...
WordPress Academy LMS plugin <= 3.5.0 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by vgo0 in WordPress Plugin Academy LMS versions = 3.5.0...
Unspecified Vulnerability in WordPress Plugin Academy LMS
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Academy LMS, which can be exploited by ...
WordPress Academy LMS plugin <= 2.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by filime Patchstack Alliance in WordPress Plugin Academy LMS versions = 2.0.4...
CVE-2024-32714 WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.16...
WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.25...
WordPress Academy LMS Plugin <= 1.9.25 is vulnerable to Sensitive Data Exposure
Software Academy LMS Type Plugin Vulnerable versions = 1.9.25 Fixed in 1.9.26 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-35171 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d7ce74e58435 Credits Peng Zhou Required privilege...
WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control on Paid Courses vulnerability
Broken Access Control on Paid Courses vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...
WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...
WordPress Academy LMS Plugin <= 1.9.19 is vulnerable to Privilege Escalation
Software Academy LMS Type Plugin Vulnerable versions = 1.9.19 Fixed in 1.9.20 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-1505 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 65c72fe58c1f Credits Lucio Sá Required privilege...