CVE-2026-42758— WordPress WebinarIgnition plugin < 4.08.253 - Privilege Escalation vulnerability
Possible ATT&CK Techniques 1AI
T1078 · Valid AccountsAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Saleswonder Team: Tobias | WebinarIgnition | ≤ 4.08.253 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-42758
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WordPress WebinarIgnition plugin < 4.08.253 - Privilege Escalation vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through < 4.08.253.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
特权授予不正确
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Saleswonder Team: Tobias | WebinarIgnition | 0 ~ 4.08.253 | - |
II. Public POCs for CVE-2026-42758
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-42758
请登录查看更多情报信息。
News Coverage for CVE-2026-42758 (1)
IV. Related Vulnerabilities
Same product: WebinarIgnition
- CVE-2026-42757
WordPress WebinarIgnition plugin < 4.08.253 - Arbitrary File - CVE-2026-40797
WordPress WebinarIgnition plugin <= 4.08.253 - SQL Injection - CVE-2025-60088
WordPress WebinarIgnition plugin <= 4.06.04 - Broken Access - CVE-2023-51424
WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated - CVE-2024-32445
WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Requ
Same vendor: Saleswonder Team: Tobias
- CVE-2026-42757
WordPress WebinarIgnition plugin < 4.08.253 - Arbitrary File - CVE-2025-60088
WordPress WebinarIgnition plugin <= 4.06.04 - Broken Access - CVE-2025-54028
WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclus - CVE-2025-49316
WordPress WP2LEADS plugin <= 3.5.0 - Reflected Cross Site Sc - CVE-2025-32922
WordPress WP2LEADS plugin <= 3.5.0 - Cross Site Request Forg
Same weakness: CWE-266
- CVE-2026-9795
Keycloak: keycloak: privilege escalation via improper scope - CVE-2026-42731
WordPress miniorange otp verification plugin <= 5.4.9 - Priv - CVE-2026-45216
WordPress Smart Manager plugin <= 8.85.0 - Privilege Escalat - CVE-2025-32747
Dell PowerFlex Manager 安全漏洞 - CVE-2026-48172
LiteSpeed User-End cPanel Plugin 安全漏洞
V. Comments for CVE-2026-42758
No comments yet