71 matches found
WordPress WebinarIgnition plugin <= 4.03.32 - Unauthenticated Login Token Generation to Authentication Bypass vulnerability
Unauthenticated Login Token Generation to Authentication Bypass vulnerability discovered by kr0d in WordPress Plugin WebinarIgnition versions = 4.03.32...
CVE-2024-32445
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.This issue affects WebinarIgnition: from n/a through = 3.05.8...
CVE-2023-51422
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings |...
CVE-2023-51423
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instan...
CVE-2023-51424
Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0...
CVE-2023-51424
Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0...
CVE-2023-51424 WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0...
CVE-2023-51424 WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0...
PT-2024-14122 · Unknown · Webinarignition
Name of the Vulnerable Software and Affected Versions: WebinarIgnition versions 3.05.0 and earlier Description: The issue is related to Improper Privilege Management, allowing Privilege Escalation in WebinarIgnition. Recommendations: For versions 3.05.0 and earlier, update to a version later than...
WordPress plugin WebinarIgnition 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WebinarIgnition < 3.06.0 - Cross-Site Request Forgery
Description The WebinarIgnition plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.05.8. This is due to missing or incorrect nonce validation on the delete action. This makes it possible for unauthenticated attackers to delete settings via a forge...
CVE-2024-32445
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.This issue affects WebinarIgnition: from n/a through = 3.05.8...
CVE-2024-32445 WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8...
CVE-2024-32445
CVE-2024-32445 is a CSRF vulnerability in Saleswonder’s WebinarIgnition plugin for WordPress, affecting WebinarIgnition up to version 3.05.8. The sources describe a CSRF flaw but do not provide exploitation details, confirmed patches, or exact affected configurations beyond that.
PT-2024-24575 · Unknown · Webinarignition
Name of the Vulnerable Software and Affected Versions: WebinarIgnition versions prior to 3.05.8 Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For versions prior...
WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WebinarIgnition versions = 3.05.8...
WordPress WebinarIgnition Plugin <= 3.05.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software WebinarIgnition Type Plugin Vulnerable versions = 3.05.8 Fixed in 3.06.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32445 Patch priority Low CVSS severity Low 5.4 Developer Tobias PSID a3482615028f Credits Dhabaleshwar Das Required...
WebinarIgnition < 3.05.1 - Authenticated (Subscriber+) PHP Object Injection
Description The Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.05.0 via deserialization of untrusted input. This makes it possible for...
WebinarIgnition < 3.05.1 - Missing Authorization to Unauthenticated Privilege Escalation
Description The Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.05.0. This makes it possible...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instan...