Academy LMS – WordPress LMS Plugin for Complete eLearning Solution

Vulnerabilities 11Slug academyLatest version 3.7.3WordPress.org →

Minimum safe version

3.5.4

Update to 3.5.4 or later to address 11 fixable vulnerabilities

Latest available3.7.3 ✓

Medium 6.5

2026-02-19< 3.5.4

CVE-2026-25372

CVE Wordfence

Critical 9.8

2026-01-21< 3.5.1

CVE-2025-15521

CVE Wordfence

Medium 6.5

2025-12-30< 3.4.1

Academy LMS <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence CVE

High 7.2

2025-11-08< 3.3.9

CVE-2025-12099

CVE Wordfence

Medium 5.5

2025-09-22< 3.3.5

WordPress Academy LMS Plugin <= 3.3.4 is vulnerable to Insecure Direct Object References (IDOR)

Patchstack Wordfence EUVD CVE

High 8.8

2024-07-22< 2.0.5

CVE-2024-38701

CVE Patchstack Wordfence

Low 3.5

2024-07-06< 2.0.11

CVE-2024-37234

CVE Patchstack Wordfence

Medium 5.3

2024-05-13< 1.9.26

CVE-2024-35171

CVE Patchstack Wordfence

High 8.8

2024-05-06< 1.9.17

CVE-2024-33912

CVE Patchstack Wordfence

High 8.8

2024-06-09< 1.9.17

CVE-2024-32714

CVE Patchstack Wordfence

High 8.8

2024-03-13< 1.9.20

CVE-2024-1505

CVE Wordfence Patchstack WPScan