Lucene search

CVE-2022-4384

🗓️ 06 Feb 2023 20:11:15Reported by WPScanType

The Stream WordPress plugin allows unauthorized users to create alerts, potentially leaking sensitive information

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Prion	Information disclosure	6 Feb 202320:15	–	prion
WPVulnDB	Stream < 3.9.2 - Subscriber+ Alert Creation	16 Jan 202300:00	–	wpvulndb
Vulnrichment	CVE-2022-4384 Stream < 3.9.2 - Subscriber+ Alert Creation	6 Feb 202319:59	–	vulnrichment
Cvelist	CVE-2022-4384 Stream < 3.9.2 - Subscriber+ Alert Creation	6 Feb 202319:59	–	cvelist
wpexploit	Stream < 3.9.2 - Subscriber+ Alert Creation	16 Jan 202300:00	–	wpexploit
NVD	CVE-2022-4384	6 Feb 202320:15	–	nvd
Patchstack	WordPress Stream Plugin < 3.9.2 is vulnerable to Broken Access Control	16 Jan 202300:00	–	patchstack

Nvd

Vulners

Node

xwp streamRange<3.9.2wordpress

[
  {
    "vendor": "Unknown",
    "product": "Stream",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "3.9.2"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/2b506252-6f37-439e-8984-7316d5cca2e5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Feb 2023 20:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.5

EPSS0.00577

SSVC