{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15347", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-29T23:50:31.027Z", "datePublished": "2026-01-20T14:26:33.130Z", "dateUpdated": "2026-04-14T15:07:39.389Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:51:05.547Z"}, "affected": [{"vendor": "getwpfunnels", "product": "Creator LMS \u2013 Online Courses and eLearning Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Creator LMS \u2013 The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. This makes it possible for authenticated attackers, with contributor level access and above, to update arbitrary WordPress options."}], "title": "Creator LMS \u2013 The LMS for Creators, Coaches, and Trainers <= 1.1.12 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bddaefc-9ddc-4798-acb6-7b87f7c924a1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3433193/creatorlms/tags/1.1.13/includes/Rest/V1/SettingsController.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Sarawut Poolkhet"}], "timeline": [{"time": "2025-12-22T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-12-30T00:07:43.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-01-20T01:48:16.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-20T14:50:10.607501Z", "id": "CVE-2025-15347", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T15:07:39.389Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-15347", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-20T14:50:10.607501Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-20T14:50:18.024Z"}}], "cna": {"title": "Creator LMS \u2013 The LMS for Creators, Coaches, and Trainers <= 1.1.12 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options Update", "credits": [{"lang": "en", "type": "finder", "value": "Sarawut Poolkhet"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "getwpfunnels", "product": "Creator LMS \u2013 Online Courses and eLearning Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.1.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-22T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-12-30T00:07:43.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-01-20T01:48:16.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bddaefc-9ddc-4798-acb6-7b87f7c924a1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3433193/creatorlms/tags/1.1.13/includes/Rest/V1/SettingsController.php"}], "descriptions": [{"lang": "en", "value": "The Creator LMS \u2013 The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. This makes it possible for authenticated attackers, with contributor level access and above, to update arbitrary WordPress options."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:51:05.547Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15347", "state": "PUBLISHED", "dateUpdated": "2026-04-14T15:07:39.389Z", "dateReserved": "2025-12-29T23:50:31.027Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-20T14:26:33.130Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Creator LMS \u2013 The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. This makes it possible for authenticated attackers, with contributor level access and above, to update arbitrary WordPress options."}, {"lang": "es", "value": "El plugin The Creator LMS \u2013 The LMS para Creators, Coaches, and Trainers para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos que puede conducir a una escalada de privilegios debido a una comprobaci\u00f3n de capacidad faltante en la funci\u00f3n get_items_permissions_check en todas las versiones hasta la 1.1.12, inclusive. Esto permite a atacantes autenticados, con acceso de nivel de colaborador y superior, actualizar opciones arbitrarias de WordPress."}], "id": "CVE-2025-15347", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-20T15:16:15.553", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3433193/creatorlms/tags/1.1.13/includes/Rest/V1/SettingsController.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bddaefc-9ddc-4798-acb6-7b87f7c924a1?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T15:57:38.827400+00:00", "value": {"mitigation_remediation": ["Upgrade the Creator LMS plugin to version\u202f1.1.13 or newer, which implements the missing capability check in get_items_permissions_check.", "After updating, remove or limit contributor\u2011level accounts on the WordPress site unless they are strictly needed.", "As a temporary defensive measure, restrict the REST API endpoints that expose the settings update functionality to administrators only, using a firewall rule or .htaccess restriction."], "summary": {"action": "Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "All releases of the Creator LMS plugin identified as getwpfunnels:Creator LMS \u2013 Online Courses and eLearning Plugin, up to and including version\u202f1.1.12, are affected on WordPress installations that have contributors or higher users. Earlier versions that include the missing check or that are beyond 1.1.12 are not vulnerable.", "description_and_impact": "The vulnerability lies in a missing capability check in the get_items_permissions_check function of the Creator LMS plugin. This oversight allows an authenticated user with contributor\u2011level access or higher to modify any WordPress option stored by the plugin, resulting in privilege escalation that can compromise site integrity. This flaw is identified as CWE\u2011862, Missing Authorization.", "risk_and_exploitability": "The CVSS score of 8.8 categorizes this defect as High severity. The EPSS score of <\u202f1% suggests that active exploitation in the wild is currently very low, and it is not listed in CISA\u2019s KEV catalog. However, because the threat requires only authenticated contributor\u2011level access\u2014which is commonly available on many public WordPress sites\u2014a determined attacker could quickly modify settings once the plugin is installed."}}}}, "created": "2026-01-21T11:19:18.012866+00:00", "updated": "2026-04-20T16:00:10.646854+00:00", "vendors": ["getwpfunnels", "getwpfunnels$PRODUCT$creator_lms", "wordpress", "wordpress$PRODUCT$wordpress"]}