Insecure Direct Object Reference in Academy LMS Plugin for WordPress
CVE-2026-5348

5.3MEDIUM

What is CVE-2026-5348?

The Academy LMS plugin for WordPress is susceptible to an Insecure Direct Object Reference, allowing unauthorized users to access sensitive course curriculum data. This vulnerability arises from the '/topics' REST API endpoint, which lacks adequate permission callbacks, thereby permitting unauthenticated access to course details. As a result, attackers can enumerate course IDs to gain insights into private, draft, scheduled, or password-protected courses without any verification of user enrollment or the course's post status, potentially exposing sensitive educational content.

Affected Version(s)

Academy LMS – WordPress LMS Plugin for Complete eLearning Solution 0 <= 3.8.1

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Md. Moniruzzaman Prodhan (NomanProdhan)
.