CVE-2026-25372

CVE-2026-25372 affects the Academy LMS WordPress plugin (

WordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Academy LMS versions = 3.5.3...

WordPress Academy LMS plugin <= 3.5.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by vgo0 in WordPress Plugin Academy LMS versions = 3.5.0...

Unspecified Vulnerability in WordPress Plugin Academy LMS

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Academy LMS, which can be exploited by ...

WordPress Academy LMS plugin <= 2.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by filime Patchstack Alliance in WordPress Plugin Academy LMS versions = 2.0.4...

CVE-2024-32714 WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.16...

WordPress Academy LMS Plugin <= 1.9.25 is vulnerable to Sensitive Data Exposure

Software Academy LMS Type Plugin Vulnerable versions = 1.9.25 Fixed in 1.9.26 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-35171 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d7ce74e58435 Credits Peng Zhou Required privilege...

WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...

WordPress Academy LMS Plugin <= 1.9.19 is vulnerable to Privilege Escalation

Software Academy LMS Type Plugin Vulnerable versions = 1.9.19 Fixed in 1.9.20 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-1505 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 65c72fe58c1f Credits Lucio Sá Required privilege...