CVE-2025-56748
CVE-2025-56748 affects Creativeitem Academy LMS up to and including 5.13, with a vulnerability in password reset tokens that are predictable because they rely on Base64-encoded templates and lack rate limiting. This allows brute-force guessing of valid reset tokens and potential account compromis...