Description
Authorization Bypass Through User-Controlled Key vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Academy LMS: from n/a through <= 3.3.4.
Published: 2025-09-22
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Academy LMS plugin contains an insecure direct object reference flaw classified as CWE‑639, allowing a user to supply a key that bypasses intended access controls. By manipulating which resource is requested, an attacker can obtain data or perform actions that the policy does not authorize. The vulnerability could expose confidential course materials, personal user data, or administrative settings, thereby compromising confidentiality and potentially integrity.

Affected Systems

The flaw is present in all releases of the Academy LMS plugin up to and including version 3.3.4, distributed by Kodezen LLC. WordPress sites that host the plugin in any of these versions are affected.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, while the EPSS score of less than 1% suggests a low likelihood of current exploitation, and the issue is not listed in the CISA KEV catalog. Attackers typically craft a request that carries a manipulated key or identifier in order to reach a protected resource; this usually requires the attacker to be authenticated, which is inferred from the description of an authorization bypass. Successful exploitation would grant the attacker the privileges associated with the authenticated session without needing higher privileges.

Generated by OpenCVE AI on April 30, 2026 at 06:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Academy LMS to any version newer than 3.3.4 to apply the vendor fix.
  • Implement explicit access checks that verify a user’s role before granting access to objects identified by external keys.
  • Validate or reject any user‑controlled identifiers to ensure they cannot be used to locate objects they should not access.
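The following is an added illustration of the CWE-639 pattern behind this advisory and of the access check the recommended actions call for. It is not code from Academy LMS or Kodezen; the course-material store, the roles (student, instructor, admin) and the sample records are constructed for the example. The vulnerable handler resolves a user-supplied id and returns whatever it finds; the hardened handler resolves the id and then makes an explicit policy decision on the object before releasing it. A small detection helper shows how denied lookups from one account can be surfaced from the resulting audit events.

```python
"""Illustration of an IDOR (CWE-639) lookup beside its hardened form.
Example code added to this page; not the plugin's own code. All data is constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    user_id: int
    role: str  # hypothetical roles: "student", "instructor", "admin"


@dataclass(frozen=True)
class Material:
    material_id: int
    owner_id: int        # instructor who owns the course material
    enrolled: frozenset  # student ids permitted to view it
    body: str


# Constructed sample store: material 102 is owned by instructor 8 and has no enrollees.
MATERIALS = {
    101: Material(101, owner_id=7, enrolled=frozenset({21}), body="Week 1 slides"),
    102: Material(102, owner_id=8, enrolled=frozenset(), body="Unpublished exam"),
}


class Forbidden(Exception):
    """Raised when a request is refused; the message does not reveal whether the id exists."""


def get_material_vulnerable(user: User, requested_id: int) -> Material:
    """The flaw: the only thing governing access is the caller-supplied key.
    `user` is accepted but never consulted, so any authenticated session reads any id."""
    return MATERIALS[requested_id]  # KeyError if absent; no authorization at all


def is_authorized(user: User, material: Material) -> bool:
    """Policy decided on the resolved object, not on the key the caller sent."""
    if user.role == "admin":
        return True
    if user.role == "instructor" and material.owner_id == user.user_id:
        return True
    if user.role == "student" and user.user_id in material.enrolled:
        return True
    return False


def get_material_hardened(user: User, requested_id: int) -> Material:
    """Resolve the key, then check the policy before returning the object.
    Not-found and not-authorized deliberately raise the same error so the
    endpoint does not confirm which ids exist."""
    material = MATERIALS.get(requested_id)
    if material is None or not is_authorized(user, material):
        raise Forbidden("material not accessible")
    return material


def can_read(user: User, requested_id: int) -> bool:
    """Convenience wrapper: True if the hardened handler releases the object."""
    try:
        get_material_hardened(user, requested_id)
        return True
    except Forbidden:
        return False


def flag_enumeration(events, threshold: int = 5):
    """Detection side: `events` is an iterable of (user_id, allowed) tuples taken
    from constructed audit records of object lookups. Returns the user ids whose
    denied-lookup count reaches `threshold`, which is the signature of one
    session walking through ids it is not entitled to."""
    denied = {}
    for user_id, allowed in events:
        if not allowed:
            denied[user_id] = denied.get(user_id, 0) + 1
    return sorted(uid for uid, count in denied.items() if count >= threshold)


if __name__ == "__main__":
    student = User(21, "student")
    print("vulnerable:", get_material_vulnerable(student, 102).body)  # leaks the exam
    print("hardened 101:", can_read(student, 101))                   # True, enrolled
    print("hardened 102:", can_read(student, 102))                   # False, refused
    sample = [(21, True)] + [(21, False)] * 6 + [(7, False)]
    print("flagged:", flag_enumeration(sample))                      # [21]
```

The point of separating `is_authorized` from the lookup is that the decision is made against attributes of the object (owner, enrollment) that the caller cannot influence, while the request key only selects which object is evaluated. Returning one error for both missing and refused ids keeps the endpoint from acting as an existence oracle.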

Advisories
Source: EUVD
ID: EUVD-2025-30511
Title: Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS Academy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Academy LMS: from n/a through 3.3.4.
History

Thu, 23 Apr 2026 15:00:00 +0000

Type: Metrics (cvssV3_1)
Values Added: {'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H'}


Wed, 01 Apr 2026 23:45:00 +0000

Type: Description
Values Removed: Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS Academy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Academy LMS: from n/a through 3.3.4.
Values Added: Authorization Bypass Through User-Controlled Key vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through <= 3.3.4.

Type: References

Type: Metrics (cvssV3_1)
Values Added: {'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H'}


Tue, 23 Sep 2025 21:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 23 Sep 2025 16:15:00 +0000

Type: First Time appeared
Values Added: Creativeitem; Creativeitem academy Lms; Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Added: Creativeitem; Creativeitem academy Lms; Wordpress; Wordpress wordpress

Mon, 22 Sep 2025 18:45:00 +0000

Type: Description
Values Added: Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS Academy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Academy LMS: from n/a through 3.3.4.

Type: Title
Values Added: WordPress Academy LMS Plugin <= 3.3.4 - Insecure Direct Object References (IDOR) Vulnerability

Type: Weaknesses
Values Added: CWE-639

Type: References

Type: Metrics (cvssV3_1)
Values Added: {'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:13:52.612Z

Reserved: 2025-09-17T18:00:53.704Z

Link: CVE-2025-59562

Vulnrichment

Updated: 2025-09-23T17:48:00.670Z

NVD

Status: Deferred

Published: 2025-09-22T19:16:24.490

Modified: 2026-04-23T15:34:04.023

Link: CVE-2025-59562

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-30T06:15:29Z

Weaknesses