EUVD-2021-11474

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

LifterLMS plugin before version 4.21.2 allowed IDOR issue exposing student answers and grades

Reporter	Title	Published	Views	Family All 8
CNNVD	WordPress 插件跨站脚本漏洞	23 Aug 202100:00	–	cnnvd
CVE	CVE-2021-24562	23 Aug 202111:10	–	cve
Cvelist	CVE-2021-24562 LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR	23 Aug 202111:10	–	cvelist
NVD	CVE-2021-24562	23 Aug 202112:15	–	nvd
Prion	Code injection	23 Aug 202112:15	–	prion
RedhatCVE	CVE-2021-24562	22 May 202521:02	–	redhatcve
wpexploit	LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR	17 May 202100:00	–	wpexploit
WPVulnDB	LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR	17 May 202100:00	–	wpvulndb

[
  {
    "enisaIdVendor": [
      {
        "id": "57a54973-b90b-32e2-bb76-1ba13238c859",
        "vendor": {
          "name": "Unknown"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "bd600d33-e691-3564-a617-b53bfaee3250",
        "product": {
          "name": "LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress"
        },
        "product_version": "4.21.2 <4.21.2"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/d45bb744-4a0d-4af0-aa16-71f7e3ea6e00
make	www.make.lifterlms.com/2021/05/17/lifterlms-version-4-21-2/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.5

CVSS 25

EPSS0.00609