Question 1

What is CVE-2022-4384 — CVE-2022-4384?

Accepted Answer

The Stream WordPress plugin before 3.9.2 does not prevent users with little privileges on the site (like subscribers) from using its alert creation functionality, which may enable them to leak sensitive information.

Question 2

What is the authoritative source for CVE-2022-4384?

Accepted Answer

CVE-2022-4384 (CVE-2022-4384) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	6.5 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS	0.91% probability of exploitation · percentile 55.3% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-4384CVE-2022-4384

Description

Scoring