Vulnerabilities and security researches foreroom-zoom-meetings-webinar eroom-zoom-meetings-webinar

Jun 10, 2024

CVE, Research URL: CVE-2022-43472
Home page URL: Security reports for eRoom – Zoom Meetings & Webinars
Application: eRoom – Zoom Meetings & Webinars
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in StylemixThemes eRoom – Zoom Meetings & Webinar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eRoom – Zoom Meetings & Webinar: from n/a through 1.4.6.
Affected versions: Min -, max -.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: CVE-2022-25614
Home page URL: Security reports for eRoom – Zoom Meetings & Webinars
Application: eRoom – Zoom Meetings & Webinars
Date: Apr 12, 2022
Research Description: Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2022-25615
Home page URL: Security reports for eRoom – Zoom Meetings & Webinars
Application: eRoom – Zoom Meetings & Webinars
Date: Apr 12, 2022
Research Description: Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-3275
Home page URL: Security reports for eRoom – Zoom Meetings & Webinars
Application: eRoom – Zoom Meetings & Webinars
Date: May 02, 2024
Research Description: The eRoom – Zoom Meetings & Webinars plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.18 via the search_posts function. This makes it possible for authenticated attackers, with subscriber access and higher, to obtain post excerpts including those of draft and pending posts.
Affected versions: Min -, max -.
Status: vulnerable