CVE-2021-24308

MEDIUM

LifterLMS < 4.21.1 - Stored Cross-Site Scripting via Profile State Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-24308. PoCs published by Captain_hook.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in the LifterLMS WordPress plugin (versions < 4.21.1) where the 'State' field in the user profile is not properly sanitized. An attacker with low privileges can inject malicious JavaScript, which executes when an admin views the profile.

Description

The 'State' field of the Edit profile page of the LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, leading to a stored Cross-Site Scripting issue. This could allow low privilege users (such as students) to elevate their privilege via an XSS attack when an admin will view their profile.

Exploits (1)

exploitdb WORKING POC

by Captain_hook · textwebappsphp

https://www.exploit-db.com/exploits/49912

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in the LifterLMS WordPress plugin (versions < 4.21.1) where the 'State' field in the user profile is not properly sanitized. An attacker with low privileges can inject malicious JavaScript, which executes when an admin views the profile.

Classification

Working Poc 100%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: LifterLMS < 4.21.1

Auth required

Prerequisites: Low-privilege user account in WordPress with LifterLMS installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_confirm

https://wpscan.com/vulnerability/f29f68a5-6575-441d-98c9-867145f2b082

Release Notes, Third Party Advisory x_refsource_misc

https://github.com/gocodebox/lifterlms/releases/tag/4.21.1

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/162856/WordPress-LifterLMS-4.21.0-Cross-Site-Scripting.html

Scores

CVSS v3 5.4

EPSS 0.0325

EPSS Percentile 86.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

lifterlms/lifterlms < 4.21.1

Published May 24, 2021

Tracked Since Feb 18, 2026