top of page
perceptive_background_267k.jpg

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows…

Published:

26 May 2026 at 22:00:00

Alert date:

27 May 2026 at 12:04:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A path traversal vulnerability (CVE-2026-42757) affects the WebinarIgnition WordPress plugin developed by Saleswonder Team. The vulnerability allows improper limitation of pathname to restricted directories, enabling path traversal attacks. All versions from an unspecified starting point through version 4.08.253 are affected. The issue has been documented by both NVD and Patchstack, with the latter specifically identifying it as an arbitrary file deletion vulnerability. Users should upgrade to version 4.08.253 or later to remediate this security issue.

Technical details

Mitigation steps:

Affected products:

WebinarIgnition

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-42757
https://patchstack.com/database/Wordpress/Plugin/webinar-ignition/vulnerability/wordpress-webinarignition-plugin-4-08-253-arbitrary-file-deletion-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page