Skip to main content

Creator Lms

1 CVEs product

Monthly

CVE-2026-32530 HIGH This Week

An Incorrect Privilege Assignment vulnerability exists in WPFunnels Creator LMS plugin (versions up to and including 1.1.18) that allows authenticated or unauthenticated attackers to escalate their privileges within the application. This CWE-266 flaw enables attackers to gain unauthorized administrative or elevated access, potentially compromising the entire LMS installation and user data. While CVSS and EPSS scores are not yet publicly available, the privilege escalation nature and confirmed vulnerability status indicate significant real-world risk, particularly for WordPress installations managing educational content and user accounts.

Privilege Escalation Creator Lms
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
EPSS 0% CVSS 8.8
HIGH This Week

An Incorrect Privilege Assignment vulnerability exists in WPFunnels Creator LMS plugin (versions up to and including 1.1.18) that allows authenticated or unauthenticated attackers to escalate their privileges within the application. This CWE-266 flaw enables attackers to gain unauthorized administrative or elevated access, potentially compromising the entire LMS installation and user data. While CVSS and EPSS scores are not yet publicly available, the privilege escalation nature and confirmed vulnerability status indicate significant real-world risk, particularly for WordPress installations managing educational content and user accounts.

Privilege Escalation Creator Lms
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy