CVE-2022-2376

Summary

The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users

Affected Software

VendorProductVersion RangeStatus
UnknownDirectorist – WordPress Business Directory Plugin with Classified Ads Listings7.3.1 < 7.3.1affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

References