Browse all 3 CVE security advisories affecting Saleswonder Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Saleswonder Team develops sales automation software primarily used for customer relationship management and lead generation. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The team has addressed multiple CVEs, including critical RCE flaws in their API endpoints and persistent XSS vulnerabilities in their web dashboard. While no major public security incidents have been documented, their consistent vulnerability pattern suggests a need for enhanced security testing protocols, particularly in their web application architecture and third-party integrations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-51424 | WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability — WebinarIgnitionCWE-269 | 9.8 | Critical | 2024-05-17 |
| CVE-2023-51423 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to SQL Injection — Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnitionCWE-89 | 9.3 | Critical | 2023-12-31 |
| CVE-2023-51422 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection — Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnitionCWE-502 | 9.9 | Critical | 2023-12-29 |
This page lists every published CVE security advisory associated with Saleswonder Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.