Webinarpress

Webinarpress

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-62972

  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 01:34:16
  • Zuletzt bearbeitet 03.02.2026 14:12:14

Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarPress: from n/a through <= 1.33.28.

9.8

CVE-2025-47635

  • EPSS 0.23%
  • Veröffentlicht 07.05.2025 14:20:39
  • Zuletzt bearbeitet 12.05.2025 19:56:54

Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server Side Request Forgery. This issue affects WebinarPress: from n/a through 1.33.27.

4.7

CVE-2025-32693

  • EPSS 0.17%
  • Veröffentlicht 09.04.2025 16:09:08
  • Zuletzt bearbeitet 28.01.2026 17:36:20

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress allows Phishing. This issue affects WebinarPress: from n/a through 1.33.27.

4.8

CVE-2025-31883

  • EPSS 0.15%
  • Veröffentlicht 01.04.2025 15:16:31
  • Zuletzt bearbeitet 28.01.2026 17:36:05

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWebinarSystem WebinarPress allows Stored XSS. This issue affects WebinarPress: from n/a through 1.33.27.

4.3

CVE-2025-31882

  • EPSS 0.16%
  • Veröffentlicht 01.04.2025 15:16:30
  • Zuletzt bearbeitet 28.01.2026 17:35:32

Missing Authorization vulnerability in WPWebinarSystem WebinarPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WebinarPress: from n/a through 1.33.27.

4.3

CVE-2024-11271

  • EPSS 0.48%
  • Veröffentlicht 08.01.2025 05:15:09
  • Zuletzt bearbeitet 17.01.2025 20:49:14

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated atta...

8.8

CVE-2024-11270

  • EPSS 7.63%
  • Veröffentlicht 08.01.2025 05:15:07
  • Zuletzt bearbeitet 17.01.2025 20:56:14

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33...

6.1

CVE-2024-43339

  • EPSS 0.08%
  • Veröffentlicht 26.08.2024 21:15:28
  • Zuletzt bearbeitet 27.08.2024 15:58:31

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.

7.1

CVE-2024-34818

  • EPSS 0.13%
  • Veröffentlicht 14.05.2024 15:39:35
  • Zuletzt bearbeitet 21.11.2024 09:19:27

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.This issue affects WebinarPress: from n/a through 1.33.17.

7.1

CVE-2024-31256

  • EPSS 0.15%
  • Veröffentlicht 07.04.2024 18:15:09
  • Zuletzt bearbeitet 21.11.2024 09:13:08

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebinarPress allows Reflected XSS.This issue affects WebinarPress: from n/a through 1.33.10.