CVE-2025-12098 | Academy LMS Plugin up to 3.3.8 on WordPress Social Login enqueue_social_login_script information disclosure

Inserito da Angelo Barbosa | Nov 8, 2025 | CVE

A vulnerability identified as problematic has been detected in Academy LMS Plugin up to 3.3.8 on WordPress. Affected is the function enqueue_social_login_script of the component Social Login Handler. This manipulation causes information disclosure.

This vulnerability is tracked as CVE-2025-12098. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-12098 | Academy LMS Plugin up to 3.3.8 on WordPress Social Login enqueue_social_login_script information disclosure

Post correlati

CVE-2024-5611 | Stratum Plugin up to 1.4.1 on WordPress Countdown Widget cross site scripting

CVE-2024-40662 | Google Android 12/12L/13/14 Uri.java scheme input validation

CVE-2024-54130 | NASA ION-DTN prior 4.1.3s Destination Endpoint ID null pointer dereference (GHSA-7pj7-hfwv-q3v6)

CVE-2024-55894 | TYPO3 up to 10.4.47/11.5.41/12.4.24/13.4.2 Backend User Module cross-site request forgery (GHSA-6w4x-gcx3-8p7v)