CVE-2025-12099 | Academy LMS Plugin up to 3.3.8 on WordPress import_all_courses deserialization

November 8, 2025 Yanac

A vulnerability has been found in Academy LMS Plugin up to 3.3.8 on WordPress and classified as problematic. This issue affects the function import_all_courses. This manipulation causes deserialization.

This vulnerability is handled as CVE-2025-12099. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-12621 | Flexible Refund and Return Order for WooCommerce Plugin Refund Status Update create_refund improper authorization
CVE-2025-12092 | CYAN Backup Plugin up to 2.5.4 on WordPress delete denial of service