cleantalk
Vulnerabilities and Security Researches

WordPress Webinar Plugin – WebinarPress, CVE-2024-11271

CVE, Research URL

CVE-2024-11271

Home page URL

Security reports for WordPress Webinar Plugin – WebinarPress

Application

WordPress Webinar Plugin – WebinarPress

Published on
Jan 08, 2025
Research Description
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify webinars.
Affected versions
Min -, max 1.33.25.
Status
vulnerable
Previous vulnerability researches
WordPress Webinar Plugin – WebinarPress (CVE-2024-43339) , Aug 20, 2024
WordPress Webinar Plugin – WebinarPress (CVE-2025-32693) , Apr 10, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2024-11271) , Jan 09, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2024-11270) , Jan 09, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2024-34818) , Jun 07, 2024
New vulnerability
Canonical Attachments (CVE-2025-32543) , Apr 11, 2025
CG Scroll To Top (CVE-2025-31399) , Apr 11, 2025
Ultimate WP Mail (CVE-2025-32694) , Apr 11, 2025
MyBookProgress by Stormhill Media (CVE-2025-30982) , Apr 11, 2025
Social Bookmarking RELOADED (CVE-2025-31393) , Apr 11, 2025