Skip to main content

Webinarignition

4 CVEs product

Monthly

CVE-2026-40797 CRITICAL Act Now

Blind SQL injection in WebinarIgnition WordPress plugin allows remote unauthenticated attackers to extract sensitive database contents including user credentials and private webinar data. The vulnerability affects all versions through 4.08.253 and requires no special configuration. Patchstack publicly disclosed this vulnerability with database reference, though no active exploitation has been confirmed via CISA KEV at time of analysis. The CVSS 9.3 critical rating reflects network-accessible attack vector with scope change, indicating potential for lateral movement beyond the vulnerable component.

SQLi Webinarignition
NVD VulDB
CVSS 3.1
9.3
EPSS
0.0%
CVE-2023-51423 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webinarignition
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-51422 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.05.0. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Webinarignition
NVD
CVSS 3.1
9.9
EPSS
0.7%
CVE-2023-25023 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Webinarignition
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 0% CVSS 9.3
CRITICAL Act Now

Blind SQL injection in WebinarIgnition WordPress plugin allows remote unauthenticated attackers to extract sensitive database contents including user credentials and private webinar data. The vulnerability affects all versions through 4.08.253 and requires no special configuration. Patchstack publicly disclosed this vulnerability with database reference, though no active exploitation has been confirmed via CISA KEV at time of analysis. The CVSS 9.3 critical rating reflects network-accessible attack vector with scope change, indicating potential for lateral movement beyond the vulnerable component.

SQLi Webinarignition
NVD VulDB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webinarignition
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.05.0. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Webinarignition
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Webinarignition
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy