Skip to main content

Academy Lms Pro

1 CVEs product

Monthly

CVE-2026-39598 HIGH PATCH This Week

Arbitrary file upload in Kodezen Academy LMS Pro (WordPress plugin) versions prior to 3.5.2 allows authenticated attackers with high privileges to upload web shells to the underlying web server, leading to full site compromise. The flaw was reported by Patchstack and a vendor patch is available, but no public exploit has been identified at time of analysis and the issue is not listed in CISA KEV.

File Upload Academy Lms Pro
NVD
CVSS 3.1
8.0
EPSS
0.3%
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Arbitrary file upload in Kodezen Academy LMS Pro (WordPress plugin) versions prior to 3.5.2 allows authenticated attackers with high privileges to upload web shells to the underlying web server, leading to full site compromise. The flaw was reported by Patchstack and a vendor patch is available, but no public exploit has been identified at time of analysis and the issue is not listed in CISA KEV.

File Upload Academy Lms Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy