cleantalk
Vulnerabilities and Security Researches

WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses, CVE-2021-24621

CVE, Research URL

CVE-2021-24621

Home page URL

Security reports for WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses

Application

WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses

Published on
Sep 13, 2021
Research Description
The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered_html capability is disallowed, which could lead to Stored Cross-Site Scripting issues
Affected versions
max 2.0.44.
Status
vulnerable
Previous vulnerability researches
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2024-12172) , Dec 13, 2024
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2026-31914) , Mar 30, 2026
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2021-24621) , Jun 06, 2024
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2020-26876) , Jun 06, 2024
New vulnerability
File Manager Pro – Filester , Mar 30, 2026
Simple Author Box , Mar 30, 2026
Customizable WordPress Gallery Plugin – Modula Image Gallery , Mar 30, 2026
Speed Optimizer – The All-In-One WordPress Performance-Boosting Plugin , Mar 30, 2026
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026