Does Webinara have any unpatched vulnerabilities?

No. All known vulnerabilities in Webinara have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Webinara compatible with WordPress 5.3.21?

According to WordPress.org data, Webinara 1.0.1 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

Is Webinara compatible with PHP 5.6+?

Webinara requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Webinara updated?

Webinara was last updated on Nov 25, 2019. Frequent updates are generally a positive security signal.

What is Webinara's security score?

Webinara has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Webinara Security & Risk Analysis

wordpress.org/plugins/webinara

Lightweight, scalable and full-featured webinar and event listings and management plugin.

10 active installs v1.0.1 PHP 5.6+ WP 4.1+ Updated Nov 25, 2019

eventeventswebinarwebinar-managementwebinars

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Webinara Safe to Use in 2026?

Generally Safe

Score 85/100

Webinara has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "webinara" plugin version 1.0.1 exhibits several significant security concerns, primarily stemming from its large attack surface and lack of robust authorization checks. A substantial 20 out of 22 identified entry points, including all AJAX handlers, lack proper authentication or capability checks. This exposes the plugin to potential unauthorized actions and data manipulation by unauthenticated users.

While the static analysis did not identify critical or high-severity taint flows, the absence of prepared statements for its single SQL query is a notable weakness. Furthermore, the plugin makes a considerable number of external HTTP requests (26), which could be a vector for attacks like Server-Side Request Forgery (SSRF) if not handled with extreme care. The output escaping rate of 64% is also concerning, suggesting potential Cross-Site Scripting (XSS) vulnerabilities.

The plugin's vulnerability history is clean, with no recorded CVEs. This is a positive indicator, but it does not negate the risks identified in the current code analysis. The lack of past vulnerabilities could be due to the plugin's age, limited usage, or simply that it hasn't been thoroughly analyzed for certain classes of vulnerabilities. In conclusion, while the absence of historical vulnerabilities is a strength, the current version of "webinara" has a concerning security posture due to its unprotected entry points and potential for unescaped output, requiring significant attention and remediation.

Key Concerns

AJAX handlers without auth checks
SQL query without prepared statements
Low output escaping rate
Large attack surface without auth checks
External HTTP requests
Nonce checks missing on AJAX
Capability checks missing

Vulnerabilities

None known

Webinara Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Webinara Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

196

345 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

SQL Query Safety

0% prepared1 total queries

Output Escaping

64% escaped541 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

8 flows6 with unsanitized paths

webi_field_output (includes\class-webinara-field-editor.php:31)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

20 unprotected

Webinara Attack Surface

Entry Points22

Unprotected20

AJAX Handlers 20

authwp_ajax_webi_authgotowebinarincludes\class-webinara.php:2450

noprivwp_ajax_webi_authgotowebinarincludes\class-webinara.php:2451

authwp_ajax_webi_disconnect_platformincludes\class-webinara.php:2452

noprivwp_ajax_webi_disconnect_platformincludes\class-webinara.php:2453

authwp_ajax_webi_downgrade_licenseincludes\class-webinara.php:2454

noprivwp_ajax_webi_downgrade_licenseincludes\class-webinara.php:2455

authwp_ajax_webi_check_accountincludes\class-webinara.php:2456

noprivwp_ajax_webi_check_accountincludes\class-webinara.php:2457

authwp_ajax_webi_check_licenseincludes\class-webinara.php:2458

noprivwp_ajax_webi_check_licenseincludes\class-webinara.php:2459

authwp_ajax_webi_get_infoincludes\class-webinara.php:2460

noprivwp_ajax_webi_get_infoincludes\class-webinara.php:2461

authwp_ajax_webi_update_profileincludes\class-webinara.php:2462

noprivwp_ajax_webi_update_profileincludes\class-webinara.php:2463

authwp_ajax_webi_send_profilelinkincludes\class-webinara.php:2464

noprivwp_ajax_webi_send_profilelinkincludes\class-webinara.php:2465

authwp_ajax_webi_renew_licenseincludes\class-webinara.php:2466

noprivwp_ajax_webi_renew_licenseincludes\class-webinara.php:2467

authwp_ajax_webi_register_userincludes\class-webinara.php:2468

noprivwp_ajax_webi_register_userincludes\class-webinara.php:2469

Shortcodes 2

[webinars] includes\class-webinara-shortcode.php:11

[events] includes\class-webinara-shortcode.php:12

WordPress Hooks 12

actionadmin_menuincludes\class-webinara-field-editor.php:12

actionadd_meta_boxesincludes\class-webinara-meta-box.php:16

actionsave_postincludes\class-webinara-meta-box.php:19

actiongotowebinar_refresh_tokenincludes\class-webinara.php:15

actionadmin_noticesincludes\class-webinara.php:16

actionadmin_enqueue_scriptsincludes\class-webinara.php:21

actionwp_enqueue_scriptsincludes\class-webinara.php:22

actionadmin_menuincludes\class-webinara.php:23

actionadd_meta_boxesincludes\class-webinara.php:24

actioninitincludes\class-webinara.php:2314

filteradmin_post_thumbnail_htmlincludes\class-webinara.php:2449

filtersingle_templatewebinara.php:45

Scheduled Events 1

gotowebinar_refresh_token

Maintenance & Trust

Webinara Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedNov 25, 2019

PHP min version5.6

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Webinara Alternatives

Simple WP Events

simple-wp-events

A simple and lightweight WordPress plugin to create events and allow users to register for them.

100 3 CVEs

Sequel

sequel

Turn your WordPress website into a virtual or hybrid live engagement platform, powered by Sequel.io

40 1 CVE

ON24 Webcast Embed

on24-webcast-embed

100

A plugin to embed ON24 webcasts using an iframe.

0 No CVEs

The Events Calendar

the-events-calendar

The Events Calendar: #1 calendar plugin for WordPress. Create/manage events (virtual too!) on your site with the free plugin.

700K 25 CVEs

LatePoint – Calendar Booking Plugin for Appointments and Events

latepoint

Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.

100K 2 unpatched

Developer Profile

Webinara Developer Profile

kristianhaa

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Webinara

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/webinara/assets/css/webinara.css/wp-content/plugins/webinara/assets/js/webinara.js

Script Paths

/wp-content/plugins/webinara/assets/js/webinara.js

Version Parameters

webinara/assets/css/webinara.css?ver=webinara/assets/js/webinara.js?ver=

HTML / DOM Fingerprints

CSS Classes

webi_pageinfo

FAQ