2 matches found
CVE-2024-33912
CVE-2024-33912 pertains to Academy LMS (WordPress) and is a Missing Authorization vulnerability affecting Academy LMS versions up to 1.9.16. Public documents identify it as an authorization bypass issue allowing access to paid courses. The vulnerability is listed as patched in subsequent advisori...
WordPress Academy LMS Plugin <= 1.9.16 is vulnerable to Broken Access Control
Software Academy LMS Type Plugin Vulnerable versions = 1.9.16 Fixed in 1.9.17 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33912 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5a16f30edc5a Credits Steven Julian Required privileg...