{"api_version":"1","generated_at":"2026-04-21T20:33:04+00:00","cve":"CVE-2024-1505","urls":{"html":"https://cve.report/CVE-2024-1505","api":"https://cve.report/api/cve/CVE-2024-1505.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-1505","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-1505"},"summary":{"title":"Academy LMS – eLearning and online course solution for WordPress <= 1.9.19 -  Authenticated (Subscriber+) Privilege Escalation","description":"The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to plugin allowing arbitrary user meta updates through the saved_user_info() function. This makes it possible for authenticated attackers, with minimal permissions such as students, to elevate their user role to that of an administrator.","state":"PUBLISHED","assigner":"Wordfence","published_at":"2024-03-13 16:15:23","updated_at":"2026-04-08 19:20:46"},"problem_types":["CWE-269","NVD-CWE-noinfo","CWE-269 CWE-269 Improper Privilege Management"],"metrics":[{"version":"3.1","source":"security@wordfence.com","type":"Secondary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b150f90a-ccb7-4c19-a4b3-eaf9ec264ba8?source=cve","name":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b150f90a-ccb7-4c19-a4b3-eaf9ec264ba8?source=cve","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/changeset/3037880/academy#file473","name":"https://plugins.trac.wordpress.org/changeset/3037880/academy#file473","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-1505","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-1505","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"kodezen","product":"Academy LMS – WordPress LMS Plugin for Complete eLearning Solution","version":"affected 1.9.19 semver","platforms":[]},{"source":"ADP","vendor":"kodezen","product":"academy_lms","version":"affected 1.9.19 semver","platforms":[]}],"timeline":[{"source":"CNA","time":"2024-02-21T00:00:00.000Z","lang":"en","value":"Disclosed"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Lucio Sá","lang":"en"}],"nvd_cpes":[{"cve_year":"2024","cve_id":"1505","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kodezen","cpe5":"academy_lms","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2024","cve_id":"1505","cve":"CVE-2024-1505","epss":"0.001760000","percentile":"0.390560000","score_date":"2026-04-20","updated_at":"2026-04-21 00:07:51"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-01T18:40:21.307Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b150f90a-ccb7-4c19-a4b3-eaf9ec264ba8?source=cve"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/changeset/3037880/academy#file473"}],"title":"CVE Program Container"},{"affected":[{"cpes":["cpe:2.3:a:kodezen:academy_lms:*:*:*:*:*:wordpress:*:*"],"defaultStatus":"unaffected","product":"academy_lms","vendor":"kodezen","versions":[{"lessThanOrEqual":"1.9.19","status":"affected","version":"0","versionType":"semver"}]}],"metrics":[{"other":{"content":{"id":"CVE-2024-1505","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2024-03-13T18:38:50.360070Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2024-08-11T13:44:58.994Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Academy LMS – WordPress LMS Plugin for Complete eLearning Solution","vendor":"kodezen","versions":[{"lessThanOrEqual":"1.9.19","status":"affected","version":"0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Lucio Sá"}],"descriptions":[{"lang":"en","value":"The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to plugin allowing arbitrary user meta updates through the saved_user_info() function. This makes it possible for authenticated attackers, with minimal permissions such as students, to elevate their user role to that of an administrator."}],"metrics":[{"cvssV3_1":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-269","description":"CWE-269 Improper Privilege Management","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-08T17:16:13.140Z","orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence"},"references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b150f90a-ccb7-4c19-a4b3-eaf9ec264ba8?source=cve"},{"url":"https://plugins.trac.wordpress.org/changeset/3037880/academy#file473"}],"timeline":[{"lang":"en","time":"2024-02-21T00:00:00.000Z","value":"Disclosed"}],"title":"Academy LMS – eLearning and online course solution for WordPress <= 1.9.19 -  Authenticated (Subscriber+) Privilege Escalation"}},"cveMetadata":{"assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","assignerShortName":"Wordfence","cveId":"CVE-2024-1505","datePublished":"2024-03-13T15:27:10.817Z","dateReserved":"2024-02-14T18:48:20.849Z","dateUpdated":"2026-04-08T17:16:13.140Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-03-13 16:15:23","lastModifiedDate":"2026-04-08 19:20:46","problem_types":["CWE-269","NVD-CWE-noinfo","CWE-269 CWE-269 Improper Privilege Management"],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kodezen:academy_lms:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"1.9.20","matchCriteriaId":"7AFAFC9F-C68B-49FA-9465-F7AE2395CD3B"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"1505","Ordinal":"1","Title":"Academy LMS – eLearning and online course solution for WordPress","CVE":"CVE-2024-1505","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"1505","Ordinal":"1","NoteData":"The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to plugin allowing arbitrary user meta updates through the saved_user_info() function. This makes it possible for authenticated attackers, with minimal permissions such as students, to elevate their user role to that of an administrator.","Type":"Description","Title":"Academy LMS – eLearning and online course solution for WordPress"}]}}}