CVE-2026-27983 PUBLISHED

WordPress LMS Elementor Pro plugin <= 1.0.4 - Privilege Escalation vulnerability

Assigner: Patchstack
Reserved: 25.02.2026 Published: 05.03.2026 Updated: 05.03.2026

Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through <= 1.0.4.

Product Status

Vendor	designthemes
Product	LMS Elementor Pro
Versions	Default: unaffected affected from n/a to <= 1.0.4 (incl.)

Credits

luc | Patchstack Bug Bounty Program finder

References

https://patchstack.com/database/Wordpress/Plugin/lms-elementor-pro/vulnerability/wordpress-lms-elementor-pro-plugin-1-0-4-privilege-escalation-vulnerability?_s_id=cve

Problem Types

Incorrect Privilege Assignment CWE

Impacts

Privilege Escalation