Directorist < 7.3.1 - Unauthenticated Email Address Disclosure
CVE-2022-2376
5.3MEDIUM
What is CVE-2022-2376?
The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users
Affected Version(s)
Directorist – WordPress Business Directory Plugin with Classified Ads Listings 7.3.1