Lucene search
K

4 matches found

EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-41250

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.8.1. This is due to the '/topics' REST API endpoint being registered with a permission callback set to 'returntrue',...

5.3CVSS5.8AI score
Exploits0References8
Cvelist
Cvelist
added 2026/02/19 8:27 a.m.30 views

CVE-2026-25372 WordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through = 3.5.3...

6.5CVSS0.00212EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/24 12:0 a.m.4 views

WordPress Plugin Academy LMS Elevation of Privilege Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress plugin Academy LMS due to the...

8.1CVSS6.8AI score0.00367EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/29 1:51 p.m.5 views

WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control on Paid Courses vulnerability

Broken Access Control on Paid Courses vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...

8.8CVSS7AI score0.0044EPSS
Exploits0Affected Software1
Rows per page
Query Builder