Security Advisory

CVE-2022-4384

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-06 19:59:16

Last updated 2025-03-25 20:41:44

Assigner WPScan

State PUBLISHED

Description

The Stream WordPress plugin before 3.9.2 does not prevent users with little privileges on the site (like subscribers) from using its alert creation functionality, which may enable them to leak sensitive information.

← Browse all CVEs View on cve.org ↗