CVE-2025-6441 - Vulnerability Details

- Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition <= 4.03.32 - Unauthenticated Login Token Generation to Authentication Bypass

Description

The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the `webinarignition_sign_in_support_staff` and `webinarignition_register_support` functions in all versions up to, and including, 4.03.32. This makes it possible for unauthenticated attackers to generate login tokens for arbitrary WordPress users under certain circumstances, issuing authorization cookies which can lead to authentication bypass.

Published: 2025-07-24

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The WebinarIgnition WordPress plugin allows an unauthenticated attacker to generate login tokens for arbitrary WordPress users because the functions webinarignition_sign_in_support_staff and webinarignition_register_support lack a required capability check. The generated tokens become authentication cookies, enabling an attacker to impersonate any site user and gain the privileges of that user, which can lead to full site compromise. This vulnerability is a classic example of Missing Permissions (CWE‑862).

Affected Systems

The issue affects installations of the WebinarIgnition plugin for WooCommerce, developed by Tobias Conrad, with any version up to and including 4.03.32. Any WordPress site running one of these plugin versions is potentially vulnerable.

Risk and Exploitability

The CVSS score of 9.8 indicates critical severity, but the EPSS score of less than 1 % reflects a very low probability of exploitation in the wild, and the vulnerability is not listed in CISA’s KEV catalog. The attack vector is unauthenticated, relying solely on missing permission checks, so an adversary only needs the ability to send crafted HTTP requests to the vulnerable endpoints to achieve authentication bypass.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

tobias_conrad

WebinarIgnition – Live, Automated & Evergreen Webinars for WooCommerce

unaffected

Version	Status	Constraints
`0`	affected	≤ 4.03.32

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the WebinarIgnition plugin to the latest version that contains the missing capability checks (any release newer than 4.03.32).
If an upgrade is not immediately possible, restrict access to the plugin’s AJAX endpoints by applying WAF rules that block unauthenticated requests to the webinarignition_sign_in_support_staff and webinarignition_register_support URLs.
Audit your WordPress logs for suspicious OAuth or token generation activity and enforce multi‑factor authentication for all privileged accounts to reduce the impact of any successful token exploitation.

Generated by OpenCVE AI on April 21, 2026 at 19:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-22506	The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the `webinarignition_sign_in_support_staff` and `webinarignition_register_support` functions in all versions up to, and including, 4.03.31. This makes it possible for unauthenticated attackers to generate login tokens for arbitrary WordPress users under certain circumstances, issuing authorization cookies which can lead to authentication bypass.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0075.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class-webinarignition.php#L549
https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionAjax.php#L769
https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionManager.php#L1040
https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionManager.php#L53
https://plugins.trac.wordpress.org/changeset/3333177/
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3333045%40webinar-ignition&new=3333045%40webinar-ignition&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/52c19707-df18-4239-af46-12ea5ee86a4b?source=cve

History

Wed, 08 Apr 2026 17:45:00 +0000

Type	Values Removed	Values Added
Description	The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the `webinarignition_sign_in_support_staff` and `webinarignition_register_support` functions in all versions up to, and including, 4.03.31. This makes it possible for unauthenticated attackers to generate login tokens for arbitrary WordPress users under certain circumstances, issuing authorization cookies which can lead to authentication bypass.	The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the `webinarignition_sign_in_support_staff` and `webinarignition_register_support` functions in all versions up to, and including, 4.03.32. This makes it possible for unauthenticated attackers to generate login tokens for arbitrary WordPress users under certain circumstances, issuing authorization cookies which can lead to authentication bypass.
Title	Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition <= 4.03.31 - Unauthenticated Login Token Generation to Authentication Bypass	Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition <= 4.03.32 - Unauthenticated Login Token Generation to Authentication Bypass
References		https://plugins.trac.wordpress.org/changeset/3333177/ https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3333045%40webinar-ignition&new=3333045%40webinar-ignition&sfp_email=&sfph_mail=

Thu, 24 Jul 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 24 Jul 2025 09:30:00 +0000

Type	Values Removed	Values Added
Description		The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the `webinarignition_sign_in_support_staff` and `webinarignition_register_support` functions in all versions up to, and including, 4.03.31. This makes it possible for unauthenticated attackers to generate login tokens for arbitrary WordPress users under certain circumstances, issuing authorization cookies which can lead to authentication bypass.
Title		Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings \| WebinarIgnition <= 4.03.31 - Unauthenticated Login Token Generation to Authentication Bypass
Weaknesses		CWE-862
References		https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class-webinarignition.php#L549 https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionAjax.php#L769 https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionManager.php#L1040 https://plugins.trac.wordpress.org/browser/webinar-ignition/trunk/inc/class.WebinarignitionManager.php#L53 https://www.wordfence.com/threat-intel/vulnerabilities/id/52c19707-df18-4239-af46-12ea5ee86a4b?source=cve
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-07-24T09:22:16.616Z

Updated: 2026-04-08T16:52:54.331Z

Reserved: 2025-06-20T17:07:55.542Z

Link: CVE-2025-6441

Vulnrichment

Updated: 2025-07-24T13:14:59.609Z

NVD

Status : Deferred

Published: 2025-07-24T10:15:27.663

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-6441

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T19:45:16Z

Weaknesses

CWE-862

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object