Vulnerability Details CVE-2025-56748
Creativeitem Academy LMS up to and including 5.13 uses predictable password reset tokens based on Base64 encoded templates without rate limiting, allowing brute force attacks to guess valid reset tokens and compromise user accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.7%
CVSS Severity
CVSS v3 Score 6.4
Products affected by CVE-2025-56748
-
cpe:2.3:a:creativeitem:academy_lms:-
-
cpe:2.3:a:creativeitem:academy_lms:1.0
-
cpe:2.3:a:creativeitem:academy_lms:1.1
-
cpe:2.3:a:creativeitem:academy_lms:1.2
-
cpe:2.3:a:creativeitem:academy_lms:1.3
-
cpe:2.3:a:creativeitem:academy_lms:2.0
-
cpe:2.3:a:creativeitem:academy_lms:2.1
-
cpe:2.3:a:creativeitem:academy_lms:2.2
-
cpe:2.3:a:creativeitem:academy_lms:2.3
-
cpe:2.3:a:creativeitem:academy_lms:2.4
-
cpe:2.3:a:creativeitem:academy_lms:3.0
-
cpe:2.3:a:creativeitem:academy_lms:3.1
-
cpe:2.3:a:creativeitem:academy_lms:3.2
-
cpe:2.3:a:creativeitem:academy_lms:3.2.1
-
cpe:2.3:a:creativeitem:academy_lms:3.3
-
cpe:2.3:a:creativeitem:academy_lms:3.4
-
cpe:2.3:a:creativeitem:academy_lms:3.5
-
cpe:2.3:a:creativeitem:academy_lms:3.6
-
cpe:2.3:a:creativeitem:academy_lms:4.0
-
cpe:2.3:a:creativeitem:academy_lms:4.0.1
-
cpe:2.3:a:creativeitem:academy_lms:4.1
-
cpe:2.3:a:creativeitem:academy_lms:4.2
-
cpe:2.3:a:creativeitem:academy_lms:4.3
-
cpe:2.3:a:creativeitem:academy_lms:4.4
-
cpe:2.3:a:creativeitem:academy_lms:4.5
-
cpe:2.3:a:creativeitem:academy_lms:4.6
-
cpe:2.3:a:creativeitem:academy_lms:4.7
-
cpe:2.3:a:creativeitem:academy_lms:5.0
-
cpe:2.3:a:creativeitem:academy_lms:5.1
-
cpe:2.3:a:creativeitem:academy_lms:5.10
-
cpe:2.3:a:creativeitem:academy_lms:5.10.1
-
cpe:2.3:a:creativeitem:academy_lms:5.11
-
cpe:2.3:a:creativeitem:academy_lms:5.12
-
cpe:2.3:a:creativeitem:academy_lms:5.13
-
cpe:2.3:a:creativeitem:academy_lms:5.2
-
cpe:2.3:a:creativeitem:academy_lms:5.3
-
cpe:2.3:a:creativeitem:academy_lms:5.4
-
cpe:2.3:a:creativeitem:academy_lms:5.5
-
cpe:2.3:a:creativeitem:academy_lms:5.6
-
cpe:2.3:a:creativeitem:academy_lms:5.7
-
cpe:2.3:a:creativeitem:academy_lms:5.8
-
cpe:2.3:a:creativeitem:academy_lms:5.9
-
cpe:2.3:a:creativeitem:academy_lms:5.9.1