Medium severity4.8NVD Advisory· Published Sep 13, 2021· Updated Jun 17, 2026
CVE-2021-24621
CVE-2021-24621
Description
The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered_html capability is disallowed, which could lead to Stored Cross-Site Scripting issues
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WP Courses LMSdescription
- Range: <2.0.44
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/bfbb32ac-9ef9-46de-8e5e-7d6d6fb868d8nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.