Log out
Get PRO

Latest

Input validation vulnerability in Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition 3.05.0

  • Severity: high-risk
  • Status: Open
  • Publication: December 27, 2023

The WebinarIgnition plugin for WordPress, which allows users to create live or automated webinars, stream or host Zoom meetings, is vulnerable to a type of security flaw called PHP Object Injection. This flaw, which affects all versions of the plugin up to 3.05.0, allows attackers with ‘subscriber’ access or higher to inject a PHP Object. This could allow the attacker to delete files, access sensitive data, or even execute code, depending on what other plugins or themes are installed on the target system.

Detected in:

Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition fixed vulnerable versions:
Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition open vulnerable versions: >= * <= 3.05.4

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.