CVE-2025-47635
- EPSS 0.04%
- Veröffentlicht 07.05.2025 14:20:39
- Zuletzt bearbeitet 12.05.2025 19:56:54
Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server Side Request Forgery. This issue affects WebinarPress: from n/a through 1.33.27.
CVE-2024-11271
- EPSS 0.19%
- Veröffentlicht 08.01.2025 05:15:09
- Zuletzt bearbeitet 17.01.2025 20:49:14
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated atta...
CVE-2024-11270
- EPSS 3.97%
- Veröffentlicht 08.01.2025 05:15:07
- Zuletzt bearbeitet 17.01.2025 20:56:14
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33...
CVE-2024-43339
- EPSS 0.08%
- Veröffentlicht 26.08.2024 21:15:28
- Zuletzt bearbeitet 27.08.2024 15:58:31
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.
CVE-2024-34818
- EPSS 0.13%
- Veröffentlicht 14.05.2024 15:39:35
- Zuletzt bearbeitet 21.11.2024 09:19:27
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.This issue affects WebinarPress: from n/a through 1.33.17.
CVE-2024-31256
- EPSS 0.15%
- Veröffentlicht 07.04.2024 18:15:09
- Zuletzt bearbeitet 21.11.2024 09:13:08
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebinarPress allows Reflected XSS.This issue affects WebinarPress: from n/a through 1.33.10.