WordPress Plugin Vulnerabilities

WordPress Webinar Plugin – WebinarPress < 1.33.25 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Creation

Description

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files that can lead to remote code execution.

Affects Plugins

Plugin icon
wp-webinarsystem
Fixed in 1.33.25

References

CVE
CVE-2024-11270
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/f1c2cb3f-2f9e-40c5-9e5f-5b85a53e5868

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Lucio Sá
Verified
No
WPVDB ID
d65d9759-9e92-47bd-ac46-2384a0acac6c

Timeline

Publicly Published
2025-01-07 (about 1 year ago)
Added
2025-01-07 (about 1 year ago)
Last Updated
2025-01-08 (about 1 year ago)

Other

Published
Title
Published
2025-11-20
Title
ELEX WordPress HelpDesk & Customer Ticketing System < 3.3.1 - Missing Authorization to Authenitcated (Subscriber+) to Scheduled Trigger Deletion
Published
2024-04-29
Title
Booster Extension <= 1.2.0 - Basic Information Exposure via booster_extension_authorbox_shortcode_display
Published
2025-09-19
Title
Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation
Published
2026-01-10
Title
File Uploads Addon for WooCommerce <= 1.7.3 - Missing Authorization
Published
2024-04-25
Title
Five Star Restaurant Reservations < 2.6.17 - Missing Authorization