CVE-2022-0384

CVE-2022-0384: Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure

Vendor Unknown

Product Video Conferencing with Zoom

Weakness CWE-200 · Info exposure

Published March 7, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog

Key dates

02Disclosure timeline

March 7, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0384

Related vulnerabilities

04Related CVE

CVE-2026-20027 Cisco Snort DCERPC Stub Data Out of Bounds Read CVE-2024-28849 Proxy-Authorization header kept across hosts in follow-redirects CVE-2025-61679 Anyquery Unauthenticated Access Vulnerability Exposes Private Integration Data CVE-2024-13638 Order Attachments for WooCommerce <= 2.5.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory CVE-2026-11464 JeecgBoot User List Endpoint SysUserController.java queryPageList information disclosure