CVE-2022-4384
Stream < 3.9.2 - Subscriber+ Alert Creation
The Stream WordPress plugin before 3.9.2 does not prevent users with little privileges on the site (like subscribers) from using its alert creation functionality, which may enable them to leak sensitive information.
We have discovered 6,159 live websites that are affected by CVE-2022-4384.
Affected Software
| Product | |
| Category | Wordpress Plugins |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 40 |
| Vulnerable Domains | 6,159 live websites (14.32% of Stream install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-4384 and the relative popularity of websitesDetails
- Published - Feb 6, 2023
Credits
- Krzysztof Zając (finder)
- WPScan (coordinator)
CWE
CVE References
CWE References
Countries
 United States | 3,302 websites |
 Australia | 384 websites |
 GB | 377 websites |
 Canada | 302 websites |
 Italy | 245 websites |
 Germany | 177 websites |
 Netherlands | 156 websites |
 Spain | 141 websites |
 Russia | 135 websites |
 France | 70 websites |
TLDs
| .com | 3,427 websites |
| .org | 325 websites |
| .com.au | 300 websites |
| .co.uk | 215 websites |
| .it | 199 websites |
| .ca | 158 websites |
| .net | 146 websites |
| .nl | 129 websites |
| .de | 117 websites |
| .ru | 108 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2022-4384 through included software libraries and plugins.Websites affected by CVE-2022-4384
Top websites that are affected by CVE-2022-4384. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.*********.org | United States | *** | |
| ***.******.com | United States | *,*** | |
| ***.**************.org | United States | **,*** | |
| ***.*******.com | United States | **,*** | |
| ***.*****.com | United States | **,*** | |
| ***.******.com | United States | **,*** | |
| ***.***********.com | United States | **,*** | |
| *****.edu | United States | **,*** | |
| ***.*********.com | United States | **,*** | |
| ***.************.com | United States | **,*** |