Browse all 4 CVE security advisories affecting Kodezen LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kodezen LLC develops enterprise software solutions with a core focus on custom application development and system integration. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, as evidenced by their four recorded CVEs. The company's security posture has shown inconsistencies, with several critical flaws remaining unpatched for extended periods. While no major public security incidents have been documented, the pattern of vulnerabilities in their codebase suggests a need for enhanced secure development practices and more rigorous testing protocols before deployment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25372 | WordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerability — Academy LMSCWE-862 | 6.5 | Medium | 2026-02-19 |
| CVE-2025-68527 | WordPress Academy LMS plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability — Academy LMSCWE-79 | 6.5 | Medium | 2025-12-24 |
| CVE-2025-59562 | WordPress Academy LMS Plugin <= 3.3.4 - Insecure Direct Object References (IDOR) Vulnerability — Academy LMSCWE-639 | 5.5 | Medium | 2025-09-22 |
| CVE-2025-47616 | WordPress aBlocks plugin <= 1.9.2 - Cross Site Scripting (XSS) Vulnerability — aBlocksCWE-79 | 6.5 | Medium | 2025-05-07 |
This page lists every published CVE security advisory associated with Kodezen LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.