Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

WebinarPress

Source -

CNA

CNA CVEs -

7

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
7Vulnerabilities found
CVE-2025-47635
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.02%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 14:20
Updated-12 May, 2025 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WebinarPress <= 1.33.27 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server Side Request Forgery. This issue affects WebinarPress: from n/a through 1.33.27.

Action-Not Available
Vendor-webinarpressWPWebinarSystem
Product-webinarpressWebinarPress
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-32693
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 15.61%
||
7 Day CHG~0.00%
Published-09 Apr, 2025 | 16:09
Updated-09 Apr, 2025 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WebinarPress <= 1.33.27 - Open Redirection Vulnerability

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress allows Phishing. This issue affects WebinarPress: from n/a through 1.33.27.

Action-Not Available
Vendor-WPWebinarSystem
Product-WebinarPress
CWE ID-CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CVE-2025-31883
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 4.29%
||
7 Day CHG-0.04%
Published-01 Apr, 2025 | 14:52
Updated-01 Apr, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WebinarPress plugin <= 1.33.27 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWebinarSystem WebinarPress allows Stored XSS. This issue affects WebinarPress: from n/a through 1.33.27.

Action-Not Available
Vendor-WPWebinarSystem
Product-WebinarPress
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2025-31882
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 6.35%
||
7 Day CHG-0.02%
Published-01 Apr, 2025 | 14:52
Updated-01 Apr, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WordPress Webinar Plugin <= 1.33.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPWebinarSystem WebinarPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WebinarPress: from n/a through 1.33.27.

Action-Not Available
Vendor-WPWebinarSystem
Product-WebinarPress
CWE ID-CWE-862
Missing Authorization
CVE-2024-43339
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 10.25%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 20:24
Updated-27 Aug, 2024 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WordPress Webinar Plugin – WebinarPress plugin <= 1.33.20 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.

Action-Not Available
Vendor-webinarpressWebinarPress
Product-webinarpressWebinarPress
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2024-34818
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.1||HIGH
EPSS-0.13% / 33.00%
||
7 Day CHG~0.00%
Published-10 May, 2024 | 08:40
Updated-02 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Webinar plugin <= 1.33.17 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.This issue affects WebinarPress: from n/a through 1.33.17.

Action-Not Available
Vendor-WebinarPress
Product-WebinarPress
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2024-31256
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.1||HIGH
EPSS-0.15% / 36.43%
||
7 Day CHG+0.04%
Published-07 Apr, 2024 | 17:48
Updated-22 Aug, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WebinarPress plugin <= 1.33.10 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebinarPress allows Reflected XSS.This issue affects WebinarPress: from n/a through 1.33.10.

Action-Not Available
Vendor-WebinarPress
Product-WebinarPress
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')