CVE-2024-11270

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33.24. This makes it possible for authenticated...

WordPress WebinarPress Plugin <= 1.33.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software WebinarPress Type Plugin Vulnerable versions = 1.33.20 Fixed in 1.33.21 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-34818 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID bbb41d22c921 Credits Majed Refaea Required...