PT-2026-3751 · WordPress · Academy Lms
Vgo0 · Published 2026-01-21 · Updated 2026-02-28 · CVE-2025-15521
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Academy LMS – WordPress LMS Plugin for Complete eLearning Solution versions prior to 3.5.1
Description
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution is susceptible to privilege escalation through account takeover. The issue stems from insufficient validation of a user’s identity before allowing password updates, relying solely on a publicly accessible nonce for authorization. This allows unauthenticated attackers to modify any user’s password, including administrator accounts, and gain unauthorized access.
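The missing control described above, shown as a hardened password-update handler for a WordPress plugin. This is an added example, not Academy LMS code or its 3.5.1 fix; the action name `example_update_password` and the POST field names are hypothetical.

```php
<?php
// Added example, not Academy LMS code. The action name, nonce action and POST
// field names below are hypothetical.

// Hook only wp_ajax_ (logged-in callers). With no wp_ajax_nopriv_ hook,
// WordPress does not dispatch anonymous requests to this handler.
add_action( 'wp_ajax_example_update_password', 'example_update_password' );

function example_update_password() {
	// 1. CSRF check only. A nonce printed into a public page can be read by
	//    any visitor, so passing this proves nothing about who is calling.
	check_ajax_referer( 'example_update_password', 'security' );

	// 2. Authentication (defence in depth alongside the hook choice above):
	//    identity comes from the session, never from the request body.
	if ( ! is_user_logged_in() ) {
		wp_send_json_error( 'Authentication required.', 401 );
	}
	$current_id = get_current_user_id();

	// Reject missing or non-string password fields before using them.
	$old = $_POST['current_password'] ?? '';
	$new = $_POST['new_password'] ?? '';
	if ( ! is_string( $old ) || ! is_string( $new ) || '' === $new ) {
		wp_send_json_error( 'Invalid password fields.', 400 );
	}

	// 3. Authorization: a client-supplied user ID is honoured only when the
	//    caller is allowed to edit that account.
	$target_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : $current_id;
	if ( $target_id !== $current_id && ! current_user_can( 'edit_user', $target_id ) ) {
		wp_send_json_error( 'Not allowed to change this account.', 403 );
	}
	$user = get_userdata( $target_id );
	if ( ! $user ) {
		wp_send_json_error( 'Unknown user.', 404 );
	}

	// 4. Re-authentication: changing your own password needs the current one.
	if ( $target_id === $current_id
		&& ! wp_check_password( wp_unslash( $old ), $user->user_pass, $user->ID ) ) {
		wp_send_json_error( 'Current password is incorrect.', 403 );
	}

	// Passwords are unslashed but not sanitized, so no characters are lost.
	wp_set_password( wp_unslash( $new ), $target_id );
	wp_send_json_success();
}
```

Each `wp_send_json_error()` call ends the request, so execution reaches `wp_set_password()` only after all four checks pass.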
Recommendations
Update Academy LMS – WordPress LMS Plugin for Complete eLearning Solution to version 3.5.1 or later.
Fix
LPE
IDOR
Affected Products
Academy Lms