Public CVE-2025-54603 disclosure

Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability in the Api_instructor controller where regular authenticated users can access instructor-only functions without proper role validation, allowing...