Lucene search
+L

71 matches found

cve
cve
added 2023/12/31 5:52 p.m.71 views

CVE-2023-51423

CVE-2023-51423 affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings (WebinarIgnition) up to version 3.05.0. The issue is an unauthenticated SQL Injection caused by improper neutralization of input in SQL commands, enabling an attacker to execute arbitra...

9.8CVSS8.9AI score0.00566EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/12/31 5:52 p.m.35 views

CVE-2023-51423 WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instan...

9.3CVSS10AI score0.00566EPSS
Exploits0References1
osv
osv
added 2023/12/29 1:15 p.m.5 views

CVE-2023-51422

Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |...

8.8CVSS7.3AI score0.00621EPSS
Exploits0References1
cvelist
cvelist
added 2023/12/29 12:59 p.m.33 views

CVE-2023-51422 WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |...

9.9CVSS9.7AI score0.00621EPSS
Exploits0References1
patchstack
patchstack
added 2023/12/27 12:0 a.m.14 views

WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to SQL Injection

Software WebinarIgnition Type Plugin Vulnerable versions = 3.05.0 Fixed in 3.05.1 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-51423 Patch priority High CVSS severity High 9.3 Developer Tobias PSID 4af5f3a4f181 Credits Rafie Muhammad Patchstack Required privilege...

9.8CVSS6.8AI score0.00566EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2023/12/27 12:0 a.m.11 views

WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection

Software WebinarIgnition Type Plugin Vulnerable versions = 3.05.0 Fixed in 3.05.5 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2023-51422 Patch priority High CVSS severity High 9.9 Developer Tobias PSID 079b96cbbb6e Credits Rafie Muhammad Patchstack Required privilege...

9.9CVSS6.8AI score0.00621EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2023/12/27 12:0 a.m.13 views

WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to Privilege Escalation

Software WebinarIgnition Type Plugin Vulnerable versions = 3.05.0 Fixed in 3.05.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-51424 Patch priority High CVSS severity High 9.8 Developer Tobias PSID 3efa2fc5ee63 Credits Rafie Muhammad...

9.8CVSS6.5AI score0.00721EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2023/07/18 12:0 a.m.5 views

WordPress WebinarIgnition Plugin < 3.01.3 is vulnerable to Cross Site Scripting (XSS)

Software WebinarIgnition Type Plugin Vulnerable versions 3.01.3 Fixed in 3.01.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Tobias PSID 30c1e2f35176 Credits Rafie Muhammad Patchstack Required...

6.2AI score0.00284EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/04/07 10:36 a.m.28 views

CVE-2023-25023 WordPress WebinarIgnition Plugin <= 2.14.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Saleswonder.Biz Webinar ignition plugin = 2.14.2 versions...

5.9CVSS5.5AI score0.00394EPSS
Exploits0References1
wpvulndb
wpvulndb
added 2023/02/03 12:0 a.m.15 views

WebinarIgnition < 2.14.3 - Admin+ Stored XSS

The plugin does not sanitise and escape the appname and webinardesc parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2023/02/03 12:0 a.m.14 views

WordPress WebinarIgnition Plugin <= 2.14.2 is vulnerable to Cross Site Scripting (XSS)

Software WebinarIgnition Type Plugin Vulnerable versions = 2.14.2 Fixed in 2.14.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25023 Patch priority Low CVSS severity Low 5.9 Developer Tobias PSID 33feb79d5847 Credits yuyudhn Required privilege...

5.9CVSS5.8AI score0.00394EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder