CVE-2024-43339

MEDIUM

WebinarPress < 1.33.20 - Cross-Site Request Forgery

Title source: llm

Description

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/wp-webinarsystem/wordpress-wordpress-webinar-plugin-webinarpress-plugin-1-33-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Scores

CVSS v3 5.4

EPSS 0.0016

EPSS Percentile 5.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-352

Status published

Products (2)

WebinarPress/WebinarPress < 1.33.20

webinarpress/webinarpress < 1.33.21

Published Aug 26, 2024

Tracked Since Feb 18, 2026