CVE-2021-24308

MEDIUM

Lifterlms < 4.21.1 - XSS

Title source: rule

Description

The 'State' field of the Edit profile page of the LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users (such as students) to elevate their privilege via an XSS attack when an admin will view their profile.

Exploits (1)

exploitdb WORKING POC

by Captain_hook · textwebappsphp

https://www.exploit-db.com/exploits/49912

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/f29f68a5-6575-441d-98c9-867145f2b082

[Release Notes, Third Party Advisory] https://github.com/gocodebox/lifterlms/releases/tag/4.21.1

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/162856/WordPress-LifterLMS-4.21.0-Cross-Site-Scripting.html

Scores

CVSS v3 5.4

EPSS 0.0027

EPSS Percentile 50.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

lifterlms/lifterlms < 4.21.1

Published May 24, 2021

Tracked Since Feb 18, 2026