VYPR

Academy

by WordPress

Source repositories

CVEs (5)

  • CVE-2025-15521CriJan 21, 2026
    risk 0.64cvss 9.8epss 0.00

    The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.5.0. This is due to the plugin not properly validating a user's identity prior to…

  • CVE-2025-68527MedDec 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kodezen LLC Academy LMS academy allows Stored XSS.This issue affects Academy LMS: from n/a through <= 3.4.0.

  • CVE-2025-59562MedSep 22, 2025
    risk 0.36cvss 5.5epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.3.4.

  • CVE-2024-35171MedMay 14, 2024
    risk 0.34cvss 5.3epss 0.01

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25.

  • CVE-2024-37234LowJul 6, 2024
    risk 0.23cvss 3.5epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.