WordPress Plugin Vulnerabilities

Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure

Description

The plugin does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog

Proof of Concept

Open the following URL as a subscriber: https://example.com/wp-admin/admin-ajax.php?action=vczapi_get_wp_users

Affects Plugins

Plugin icon
video-conferencing-with-zoom-api
Fixed in 3.8.17

References

CVE
CVE-2022-0384
URL
https://plugins.trac.wordpress.org/changeset/2671219

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając
Submitter
Krzysztof Zając
Submitter website
https://kazet.cc/
Verified
Yes
WPVDB ID
91c44c45-994b-4aed-b9f9-7db45924eeb4

Timeline

Publicly Published
2022-02-14 (about 2 years ago)
Added
2022-02-14 (about 2 years ago)
Last Updated
2022-04-08 (about 2 years ago)

Other

Published
Title
Published
2024-02-20
Title
Backup Bolt < 1.4.0 - Sensitive Data Exposure
Published
2024-02-02
Title
Post Thumbnail Editor <= 2.4.8 - Sensitive Information Exposure
Published
2023-12-29
Title
Everest Backup < 2.2.0 - Sensitive Information Exposure via Log File
Published
2022-09-26
Title
Helpful < 4.5.26 - Information Disclosure
Published
2023-11-07
Title
Email Marketing for WooCommerce by Omnisend < 1.13.9 - Sensitive Information Exposure