Does Video Conferencing with Zoom have any unpatched vulnerabilities?

No. All known vulnerabilities in Video Conferencing with Zoom have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Video Conferencing with Zoom compatible with WordPress 6.8.5?

According to WordPress.org data, Video Conferencing with Zoom 4.6.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Video Conferencing with Zoom compatible with PHP 7.4+?

Video Conferencing with Zoom requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Video Conferencing with Zoom updated?

Video Conferencing with Zoom was last updated on Jan 25, 2026. Frequent updates are generally a positive security signal.

What is Video Conferencing with Zoom's security score?

Video Conferencing with Zoom has a WP-Safety security score of 95/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Video Conferencing with Zoom Security & Risk Analysis

wordpress.org/plugins/video-conferencing-with-zoom-api

Gives you the power to manage Zoom Meetings, Zoom Webinars, Recordings, Reports and create users directly from your WordPress dashboard.

20K active installs v4.6.6 PHP 7.4+ WP 5.5.0+ Updated Jan 25, 2026

online-meetingsvideo-conferenceweb-conferencingwebinarszoom-video-conference

A · Safe

CVEs total9

Unpatched0

Last CVEFeb 19, 2026

Plugin page Download

Safety Verdict

Is Video Conferencing with Zoom Safe to Use in 2026?

Generally Safe

Score 95/100

Video Conferencing with Zoom has a strong security track record. Known vulnerabilities have been patched promptly.

9 known CVEsLast CVE: Feb 19, 2026Updated 2mo ago

Risk Assessment

The "video-conferencing-with-zoom-api" plugin, version 4.6.6, presents a mixed security posture. While it demonstrates good practices in areas like SQL query sanitization and a notable lack of critical or high-severity CVEs, significant concerns arise from its attack surface and historical vulnerability patterns. The presence of 12 AJAX handlers without authentication checks is a substantial risk, creating potential entry points for unauthorized actions. Furthermore, the taint analysis revealing 7 flows with unsanitized paths, although not currently classified as critical or high, warrants attention as these could be precursors to more severe vulnerabilities if combined with other weaknesses.

The plugin's vulnerability history of 9 CVEs, primarily medium and low severity, indicates a recurring pattern of security weaknesses. Common themes like 'Open Redirect', 'Missing Authorization', and 'Cross-site Scripting' suggest that input validation and authorization checks have been areas of historical concern. The fact that none are currently unpatched is positive, but the sheer number of past vulnerabilities suggests a need for more robust and proactive security measures within the development lifecycle. The plugin uses bundled libraries like DataTables and Select2, which, if not kept updated, could introduce their own vulnerabilities.

In conclusion, while the plugin has strengths in its SQL handling and the current absence of unpatched critical vulnerabilities, the large number of unprotected AJAX endpoints and the history of diverse vulnerability types raise red flags. The plugin's development team needs to prioritize addressing the unprotected AJAX handlers and improving input sanitization and authorization mechanisms to mitigate the risks highlighted by its past and current static analysis.

Key Concerns

12 unprotected AJAX handlers
7 flows with unsanitized paths (taint analysis)
8 medium severity CVEs
1 low severity CVE
56% output escaping (implies ~44% unescaped)
Bundled libraries (potential for outdated versions)

Vulnerabilities

Video Conferencing with Zoom Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

3 CVEs in 2022

2022

1 CVE in 2023

2023

3 CVEs in 2024

2024

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

Low

9 total CVEs

CVE-2026-1368medium · 5.3Missing Authorization

Video Conferencing with Zoom < 4.6.6 - Missing Authorization

Feb 19, 2026 Patched in 4.6.6 (6d)

CVE-2024-33584medium · 6.1URL Redirection to Untrusted Site ('Open Redirect')

Video Conferencing with Zoom <= 4.4.4 - Open Redirect

Apr 25, 2024 Patched in 4.4.5 (7d)

CVE-2024-2033medium · 4.3Missing Authorization

Video Conferencing with Zoom <= 4.4.5 - Sensitive Information Exposure

Mar 22, 2024 Patched in 4.4.6 (19d)

CVE-2024-2031medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Conferencing with Zoom <= 4.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Mar 12, 2024 Patched in 4.4.5 (1d)

CVE-2023-3947low · 3.7Use of Hard-coded Cryptographic Key

Video Conferencing with Zoom <= 4.2.1 - Sensitive Information Exposure

Jul 25, 2023 Patched in 4.2.2 (182d)

CVE-2022-4578medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Conferencing with Zoom <= 4.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Dec 29, 2022 Patched in 4.0.10 (390d)

WF-33707b80-5cc1-4678-bf87-8c5131634c94-video-conferencing-with-zoom-apimedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Conferencing with Zoom <= 3.9.2 - Reflected Cross-Site Scripting

May 31, 2022 Patched in 3.9.3 (602d)

CVE-2022-0384medium · 4.3Exposure of Sensitive Information to an Unauthorized Actor

Video Conferencing with Zoom <= 3.8.16 - E-mail Address Disclosure

Feb 14, 2022 Patched in 3.8.17 (708d)

WF-d4ba4365-449e-4271-b46e-7f149efc752c-video-conferencing-with-zoom-apimedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Conferencing with Zoom < 3.8.16 - Reflected Cross-Site Scripting

Nov 30, 2021 Patched in 3.8.16 (784d)

Code Analysis

Analyzed Mar 16, 2026

Video Conferencing with Zoom Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

265

336 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTablesSelect2jQueryLodash

SQL Query Safety

100% prepared3 total queries

Output Escaping

56% escaped601 total outputs

Data Flows

7 unsanitized

Data Flow Analysis

9 flows7 with unsanitized paths

zoom_recordings (includes\admin\class-zvc-admin-recordings.php:31)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

Video Conferencing with Zoom Attack Surface

Entry Points26

Unprotected12

AJAX Handlers 26

authwp_ajax_zvc_delete_meetingincludes\admin\class-zvc-admin-ajax.php:13

authwp_ajax_zvc_bulk_meetings_deleteincludes\admin\class-zvc-admin-ajax.php:14

authwp_ajax_zoom_dimiss_noticeincludes\admin\class-zvc-admin-ajax.php:15

authwp_ajax_check_connectionincludes\admin\class-zvc-admin-ajax.php:16

noprivwp_ajax_get_authincludes\admin\class-zvc-admin-ajax.php:19

authwp_ajax_get_authincludes\admin\class-zvc-admin-ajax.php:20

noprivwp_ajax_state_changeincludes\admin\class-zvc-admin-ajax.php:23

authwp_ajax_state_changeincludes\admin\class-zvc-admin-ajax.php:24

authwp_ajax_get_assign_host_idincludes\admin\class-zvc-admin-ajax.php:27

authwp_ajax_vczapi_get_wp_usersincludes\admin\class-zvc-admin-ajax.php:28

authwp_ajax_vczapi_get_zoom_host_queryincludes\admin\class-zvc-admin-ajax.php:29

authwp_ajax_vczapi_dismiss_admin_noticeincludes\admin\class-zvc-admin-ajax.php:32

authwp_ajax_vczapi_end_meetingincludes\admin\class-zvc-admin-ajax.php:35

authwp_ajax_vczapi_save_oauth_credentialsincludes\admin\class-zvc-admin-setup-wizard.php:15

authwp_ajax_vczapi_save_app_sdk_credentialsincludes\admin\class-zvc-admin-setup-wizard.php:16

authwp_ajax_vczapi_sync_userincludes\admin\class-zvc-admin-sync.php:13

authwp_ajax_vczapi_get_zoom_hostsincludes\Blocks\Blocks.php:40

authwp_ajax_vczapi_get_live_meetingsincludes\Blocks\Blocks.php:41

noprivwp_ajax_vczapi_list_meeting_shortcode_ajax_handlerincludes\Shortcodes\Meetings.php:35

authwp_ajax_vczapi_list_meeting_shortcode_ajax_handlerincludes\Shortcodes\Meetings.php:36

noprivwp_ajax_get_recordingincludes\Shortcodes\Recordings.php:31

authwp_ajax_get_recordingincludes\Shortcodes\Recordings.php:32

noprivwp_ajax_getRecordingByMeetingIDincludes\Shortcodes\Recordings.php:35

authwp_ajax_getRecordingByMeetingIDincludes\Shortcodes\Recordings.php:36

authwp_ajax_set_timezoneincludes\Timezone.php:34

noprivwp_ajax_set_timezoneincludes\Timezone.php:35

WordPress Hooks 56

actionrestrict_manage_postsincludes\admin\class-zvc-admin-post-type.php:46

actioninitincludes\admin\class-zvc-admin-post-type.php:47

actionadmin_menuincludes\admin\class-zvc-admin-post-type.php:48

actionadd_meta_boxesincludes\admin\class-zvc-admin-post-type.php:49

filtersingle_templateincludes\admin\class-zvc-admin-post-type.php:51

filterarchive_templateincludes\admin\class-zvc-admin-post-type.php:52

filtertemplate_includeincludes\admin\class-zvc-admin-post-type.php:53

actionbefore_delete_postincludes\admin\class-zvc-admin-post-type.php:54

actionadmin_noticesincludes\admin\class-zvc-admin-post-type.php:55

filterpre_get_postsincludes\admin\class-zvc-admin-post-type.php:60

filteruse_block_editor_for_post_typeincludes\admin\class-zvc-admin-post-type.php:63

actionadmin_menuincludes\admin\class-zvc-admin-settings.php:20

actionadmin_initincludes\admin\class-zvc-admin-settings.php:21

actionadmin_noticesincludes\admin\class-zvc-admin-settings.php:22

actionadmin_noticesincludes\admin\class-zvc-admin-settings.php:152

actionin_admin_headerincludes\admin\class-zvc-admin-sync.php:14

filterblock_categories_allincludes\Blocks\Blocks.php:31

filterblock_categoriesincludes\Blocks\Blocks.php:33

actioninitincludes\Blocks\Blocks.php:36

actioninitincludes\Blocks\Blocks.php:37

filterpre_get_block_file_templateincludes\Blocks\BlockTemplates.php:17

filterget_block_templatesincludes\Blocks\BlockTemplates.php:18

filterallowed_block_types_allincludes\Blocks\BlockTemplates.php:20

actionadmin_enqueue_scriptsincludes\Bootstrap.php:50

actioninitincludes\Bootstrap.php:51

actioninitincludes\Bootstrap.php:54

actionwp_enqueue_scriptsincludes\Bootstrap.php:55

filterplugin_action_linksincludes\Bootstrap.php:56

actionafter_setup_themeincludes\Bootstrap.php:57

filterwp_headersincludes\Bootstrap.php:58

actionelementor/widgets/registerincludes\Elementor\Elementor.php:53

actionelementor/elements/categories_registeredincludes\Elementor\Elementor.php:54

actionvczapi_before_main_content_post_loopincludes\Filters.php:44

actionvczapi_before_shortcode_content_post_loopincludes\Filters.php:45

actionpre_get_postsincludes\Filters.php:46

actionadmin_noticesincludes\helpers.php:268

filterinstall_plugins_tabsincludes\Marketplace.php:11

actionload-plugin-install.phpincludes\Marketplace.php:12

actionadmin_print_styles-plugin-install.phpincludes\Marketplace.php:13

actionwp_enqueue_scriptsincludes\Shortcodes.php:39

actionvczoom_before_main_contentincludes\template-hooks.php:13

actionvczoom_after_main_contentincludes\template-hooks.php:14

actionvczoom_single_content_leftincludes\template-hooks.php:17

actionvczoom_single_content_leftincludes\template-hooks.php:18

actionvczoom_single_content_rightincludes\template-hooks.php:24

actionvczoom_single_content_rightincludes\template-hooks.php:26

actionvczoom_single_content_rightincludes\template-hooks.php:27

actionvczoom_single_content_rightincludes\template-hooks.php:28

actionvczapi_main_content_post_loopincludes\template-hooks.php:31

actionvczoom_meeting_join_linksincludes\template-hooks.php:34

actionvczoom_meeting_before_shortcodeincludes\template-hooks.php:37

actionvczoom_meeting_shortcode_join_linksincludes\template-hooks.php:38

actionvczoom_meeting_shortcode_join_links_webinarincludes\template-hooks.php:39

actionvczoom_jbh_before_contentincludes\template-hooks.php:42

actionvczoom_jbh_after_contentincludes\template-hooks.php:43

actionplugins_loadedvideo-conferencing-with-zoom-api.php:46

Maintenance & Trust

Video Conferencing with Zoom Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 25, 2026

PHP min version7.4

Downloads1.5M

Community Trust

Rating96/100

Number of ratings219

Active installs20K

Alternatives

Video Conferencing with Zoom Alternatives

Video Conferencing with Webex

video-conferencing-webex

100

Enables you to visually collaborate, create, edit, delete and align your Webex meeting schedules directly from your WordPress dashboard.

20 No CVEs

MeetingHub for Zoom Meeting, Google Meet, Jitsi Meet, Webex, & Microsoft Teams | The All-in-One Webinar & Video Conference Solution

meetinghub

Meeting plugin to create instant webinars and meetings with Zoom Meeting, Google Meet, Jitsi Meet, Webex, & Microsoft Teams.

500 2 CVEs

LiveWebinar

livewebinar

100

Most Advanced Webinar Software. Collaborate Anywhere. Try an advanced platform for webinars fully tailored to your business. No credit card required.

50 No CVEs

WeMeet for Webex

wemeet

100

Seamlessly integrate Webex Meetings into your WordPress site — schedule, manage, and join Webex video meetings directly from your WordPress dashboard.

0 No CVEs

ZooMeet – Zoom Meeting & Webinar Integration | Dedicated Zoom Video Conference Solution for WordPress

zoomeet

100

Easily create instant webinars and meetings with Zoom integration for WordPress. Manage Zoom Meetings, Webinars, Recordings, and Users directly from y …

0 No CVEs

Developer Profile

Video Conferencing with Zoom Developer Profile

Deepen Bajracharya

2 plugins · 40K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

246 days

View full developer profile

Detection Fingerprints

How We Detect Video Conferencing with Zoom

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/js/scripts.js/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/css/style.css/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/css/vendor/frontend.css/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/js/vendor/frontend.js

Script Paths

/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/js/scripts.js/wp-content/plugins/video-conferencing-with-zoom-api/assets/public/js/vendor/frontend.js

Version Parameters

video-conferencing-with-zoom-api/assets/public/js/scripts.js?ver=video-conferencing-with-zoom-api/assets/public/css/style.css?ver=video-conferencing-with-zoom-api/assets/public/css/vendor/frontend.css?ver=video-conferencing-with-zoom-api/assets/public/js/vendor/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

zvc-meeting-details

Data Attributes

data-meeting_iddata-zoom_meeting_iddata-zoom_zoom_api_keydata-zoom_zoom_api_secretdata-zoom_zoom_jwt_tokendata-zoom_zoom_access_token+3 more

JS Globals

zvc_backend_ajax_obj

REST Endpoints

/wp-json/vczapi/v1/zoom/meeting/list

Shortcode Output

[zoom_api_link][zoom_create_meeting][zoom_list_meetings][zoom_join_meeting]

FAQ