Vulnerabilities > CVE-2022-0384 - Unspecified vulnerability in Imdpen Video Conferencing With Zoom

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
imdpen

Summary

The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog

Vulnerable Configurations

Part Description Count
Application
Imdpen
82