Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2
Critical0
High2
Medium0
Reset
Showing 1-2 of 2 records
Threat Entry Updated 2025-01-17

CVE-2024-11271 - Webinarpress Plugin

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify webinars.

PLUGIN Webinarpress

CVE-2024-11271

HIGH CVSS 8.8 2025-01-08
Open Full Technical Breakdown
Threat Entry Updated 2025-01-17

CVE-2024-11270 - Webinarpress Plugin

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files that can lead to remote code execution.

PLUGIN Webinarpress

CVE-2024-11270

HIGH CVSS 8.8 2025-01-08
Open Full Technical Breakdown
Scroll to top