WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Video Conferencing with Zoom Plugin version 3.8.17 previously contained an information disclosure vulnerability that stems from the plugin’s lack of authorization in its vczapi_get_wp_user AJAX operation. An attacker could exploit this vulnerability to download a list of email addresses registered on the blog.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress video conferencing with zoom plugin | lt | 3.8.17 |