Vulnerability Database

309,469

Total vulnerabilities in the database

CVE-2024-11271

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify webinars.

Published: Jan 8, 2025
Updated: Nov 16, 2025
CVE: CVE-2024-11271
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-862

Affected Software
References

Software	From	Fixed in
webinarpress / webinarpress	-	1.33.25

https://plugins.trac.wordpress.org/changeset/3216237/wp-webinarsystem/trunk/includes/class-webinarsysteem-ajax.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/88508dbd-b7a0-441d-918b-f4cb7a7cd000?source=cve

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo