[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMAm9SRkfOYUPyxWtQVotfsF2n72lNX3eJHTckRjAQtI":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":29,"research_verified":30,"research_rounds_completed":31,"research_plan":32,"research_summary":33,"research_vulnerable_code":34,"research_fix_diff":35,"research_exploit_outline":36,"research_model_used":37,"research_started_at":38,"research_completed_at":39,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":30,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":30,"source_links":40},"CVE-2026-6964","video-conferencing-with-zoom-missing-authorization-to-unauthenticated-zoom-sdk-credential-exposure-via-getauth-ajax-acti","Video Conferencing with Zoom \u003C= 4.6.7 - Missing Authorization to Unauthenticated Zoom SDK Credential Exposure via 'get_auth' AJAX Action","The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to obtain the site's Zoom SDK API key and a freshly-signed JWT that can be used with the Zoom Web SDK to join any Zoom meeting associated with those credentials without a legitimate invitation.","video-conferencing-with-zoom-api",null,"\u003C=4.6.7","4.6.8","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2026-06-15 14:43:40","2026-06-16 03:30:09",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F328a4d88-afa2-4305-a8e5-73e626e9f53f?source=api-prod",1,[22,23,24,25,26,27,28],"README.txt","assets\u002Fvendor\u002Fzoom\u002Fwebsdk\u002Fzoom-meeting.bundle.js","changelog.txt","includes\u002FBootstrap.php","includes\u002Fadmin\u002Fclass-zvc-admin-ajax.php","vendor\u002Fcomposer\u002Fautoload_classmap.php","vendor\u002Fcomposer\u002Fautoload_static.php","researched",false,3,"This research plan outlines the technical steps required to analyze and demonstrate the missing authorization vulnerability in the \"Video Conferencing with Zoom\" plugin (CVE-2026-6964).\n\n### 1. Vulnerability Summary\nThe vulnerability is a **Missing Authorization** flaw located in the `get_auth` AJAX action. The plugin registers this action for unauthenticated users (`wp_ajax_nopriv_get_auth`) but fails to implement any capability checks (e.g., `current_user_can`) within the handler. While the endpoint is protected by a WordPress nonce, the nonce is exposed to unauthenticated visitors on any page where the Zoom Web SDK is initialized. Consequently, an attacker can retrieve the nonce, call the AJAX action, and obtain the site's Zoom SDK Key and a signed JWT (signature) to join meetings.\n\n### 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Action:** `get_auth`\n*   **Parameters:**\n    *   `action`: `get_auth` (Required)\n    *   `noncce`: A valid WordPress nonce for the action `_nonce_zvc_security` (Required)\n    *   `meeting_id`: A Zoom meeting ID (Required to generate the JWT)\n*   **Authentication:** None (Unauthenticated)\n*   **Preconditions:** The \"Join via Browser\" (SDK) feature must be enabled in the plugin settings.\n\n### 3. Code Flow\n1.  **Entry Point:** The AJAX request is received by WordPress and dispatched to the handler registered in `includes\u002Fadmin\u002Fclass-zvc-admin-ajax.php`:\n    ```php\n    add_action('wp_ajax_nopriv_get_auth', array($this, 'get_auth'));\n    ```\n2.  **Nonce Verification:** The `get_auth()` function calls `check_ajax_referer`:\n    ```php\n    public function get_auth() {\n        check_ajax_referer('_nonce_zvc_security', 'noncce');\n        \u002F\u002F ...\n    ```\n3.  **Credential Retrieval:** If the nonce is valid and SDK is enabled via `vczapi_is_sdk_enabled()`, the plugin fetches sensitive credentials:\n    ```php\n    $sdk_key    = get_option('vczapi_sdk_key');\n    $secret_key = get_option('vczapi_sdk_secret_key');\n    ```\n4.  **JWT Generation:** The plugin generates a signature using the secret key via `generate_sdk_signature()`:\n    ```php\n    $signature  = $this->generate_sdk_signature($sdk_key, $secret_key, $meeting_id, 0);\n    ```\n5.  **Data Exposure:** The SDK Key and Signature are returned in a JSON response:\n    ```php\n    wp_send_json_success(['sig' => $signature, 'key' => $sdk_key, 'type' => 'sdk']);\n    ```\n\n### 4. Nonce Acquisition Strategy\nThe nonce is required to pass the `check_ajax_referer` check. The plugin exposes this nonce via `wp_localize_script` to support the frontend \"Join via Browser\" functionality.\n\n*   **Trigger:** The scripts are enqueued when a Zoom Meeting post is viewed or when the `[zoom_join_via_browser]` shortcode is present.\n*   **Acquisition Steps:**\n    1.  Create a Zoom Meeting post or a page with the `[zoom_join_via_browser]` shortcode.\n    2.  Navigate to the page as an unauthenticated user.\n    3.  Extract the nonce from the global JavaScript object `zvc_ajx`.\n*   **JS Extraction:** Use `browser_eval` to get the value of `window.zvc_ajx?.zvc_security`.\n\n### 5. Exploitation Strategy\nThis strategy assumes an isolated environment with the plugin installed and configured.\n\n1.  **Extract Nonce:**\n    *   Navigate to a page containing a Zoom meeting (e.g., the meeting post created in Step 6).\n    *   Execute `browser_eval(\"window.zvc_ajx.zvc_security\")` to obtain the nonce.\n2.  **Trigger Credential Exposure:**\n    *   Use the `http_request` tool to send a POST request to the AJAX endpoint.\n    *   **URL:** `http:\u002F\u002F\u003Ctarget>\u002Fwp-admin\u002Fadmin-ajax.php`\n    *   **Method:** `POST`\n    *   **Headers:** `Content-Type: application\u002Fx-www-form-urlencoded`\n    *   **Body:** `action=get_auth&noncce=\u003CNONCE>&meeting_id=123456789`\n3.  **Capture Response:** The response should be a JSON object containing the `key` and `sig`.\n\n### 6. Test Data Setup\nTo facilitate the PoC, the environment must be configured as follows:\n\n*   **Configure Zoom API:** Use WP-CLI to set dummy Zoom credentials (required for the logic to reach the sink):\n    ```bash\n    wp option update zoom_api_key \"dummy_api_key\"\n    wp option update zoom_api_secret \"dummy_api_secret\"\n    wp option update vczapi_sdk_key \"test_sdk_key\"\n    wp option update vczapi_sdk_secret_key \"test_sdk_secret_01234567890123456789\"\n    ```\n*   **Enable SDK:**\n    ```bash\n    wp option update vczapi_set_sdk_feature_parent 1\n    ```\n*   **Create Meeting:** Create a Zoom Meeting post to ensure the frontend scripts (and nonce) load:\n    ```bash\n    wp post create --post_type=zoom-meetings --post_title=\"Exploit Test Meeting\" --post_status=publish\n    ```\n\n### 7. Expected Results\nA successful exploit will return an HTTP 200 response with a JSON body similar to:\n```json\n{\n    \"success\": true,\n    \"data\": {\n        \"sig\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\",\n        \"key\": \"test_sdk_key\",\n        \"type\": \"sdk\"\n    }\n}\n```\nThe `sig` value is a valid JWT signed with the `vczapi_sdk_secret_key`.\n\n### 8. Verification Steps\nAfter performing the HTTP request, verify the leaked data matches the database:\n1.  Compare the `key` in the JSON response with the output of `wp option get vczapi_sdk_key`.\n2.  Decode the `sig` (JWT) using a tool or script to verify the `sdkKey` claim matches the `vczapi_sdk_key` and the `mn` (meeting number) claim matches the `meeting_id` sent in the request.\n\n### 9. Alternative Approaches\nIf the `zvc_ajx` object is not found on the page:\n*   Search the HTML source for `zvc_ajx` to see if it is localized under a different variable name or embedded in a script block.\n*   Check if the shortcode `[zoom_api_link meeting_id=\"12345\"]` or the Gutenberg block for Zoom Meetings enqueues the necessary assets.\n*   If `vczapi_is_sdk_enabled()` returns false, the exploit will return an error. Ensure the SDK feature is explicitly enabled in the settings (option `vczapi_set_sdk_feature_parent`).","The Video Conferencing with Zoom plugin for WordPress fails to perform authorization checks on the 'get_auth' AJAX action, which is exposed to unauthenticated users. An attacker can obtain the site's Zoom SDK API key and a freshly-signed JWT signature by using a publicly available nonce, allowing them to join any Zoom meeting associated with the credentials.","\u002F\u002F includes\u002Fadmin\u002Fclass-zvc-admin-ajax.php:23\nadd_action('wp_ajax_nopriv_get_auth', array($this, 'get_auth'));\nadd_action('wp_ajax_get_auth', array($this, 'get_auth'));\n\n---\n\n\u002F\u002F includes\u002Fadmin\u002Fclass-zvc-admin-ajax.php:183\npublic function get_auth()\n{\n    check_ajax_referer('_nonce_zvc_security', 'noncce');\n    $meeting_id = filter_input(INPUT_POST, 'meeting_id');\n    if (vczapi_is_sdk_enabled()) {\n        $sdk_key    = get_option('vczapi_sdk_key');\n        $secret_key = get_option('vczapi_sdk_secret_key');\n        $signature  = $this->generate_sdk_signature($sdk_key, $secret_key, $meeting_id, 0);\n        wp_send_json_success(['sig' => $signature, 'key' => $sdk_key, 'type' => 'sdk']);\n    } else {\n        wp_send_json_error('Error occured!');\n    }\n\n    wp_die();\n}","diff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.7\u002Fassets\u002Fvendor\u002Fzoom\u002Fwebsdk\u002Fzoom-meeting.bundle.js \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.8\u002Fassets\u002Fvendor\u002Fzoom\u002Fwebsdk\u002Fzoom-meeting.bundle.js\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.7\u002Fassets\u002Fvendor\u002Fzoom\u002Fwebsdk\u002Fzoom-meeting.bundle.js\t2024-09-26 08:39:52.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.8\u002Fassets\u002Fvendor\u002Fzoom\u002Fwebsdk\u002Fzoom-meeting.bundle.js\t2026-06-09 07:25:54.000000000 +0000\n@@ -1 +1 @@\n-\"use strict\";(self.webpackChunkvideo_conferencing_with_zoom_api=self.webpackChunkvideo_conferencing_with_zoom_api||[]).push([[721],{631:(e,n,t)=>{var i=t(114);const o={meetingID:atob(zvc_ajx.meeting_id),redirectTo:zvc_ajx.redirect_page,password:!1!==zvc_ajx.meeting_pwd&&atob(zvc_ajx.meeting_pwd),infoContainer:document.querySelector(\".vczapi-zoom-browser-meeting--info__browser\"),init:function(){this.initSDK(),this.eventHandlers(),zvc_ajx.enable_direct_join_via_browser&&this.handleJoinOnInit()},initSDK:function(){i.ZoomMtg.preLoadWasm(),i.ZoomMtg.prepareWebSDK()},eventHandlers:function(){let e=document.getElementById(\"vczapi-zoom-browser-meeting-join-mtg\");null!=e&&(e.onclick=this.handleJoinMeetingButton.bind(this))},handleJoinOnInit:function(){const e=zvc_ajx.user_name,n=zvc_ajx.user_mail,t=this.password;this.handleJoinMeeting(e,t,n)},loader:function(){const e=document.createElement(\"span\");return e.id=\"zvc-cover\",e},generateSignature:async function(){const e=new FormData;return e.append(\"action\",\"get_auth\"),e.append(\"noncce\",zvc_ajx.zvc_security),e.append(\"meeting_id\",parseInt(this.meetingID)),(await fetch(zvc_ajx.ajaxurl,{method:\"POST\",body:e})).json()},removeLoader:function(){null!==document.getElementById(\"zvc-cover\")&&document.getElementById(\"zvc-cover\").remove()},handleJoinMeeting:function(e,n,t,i){null==this.meetingID&&\"\"===this.meetingID||this.generateSignature().then((o=>{if(o.success){document.getElementById(\"zmmtg-root\").style.display=\"block\",this.removeLoader();const a={name:null!==e?e:\"\",password:null!==n?n:\"\",email:null!==t?t:\"\",locale:i};this.prepBeforeJoin(o,a)}}))},handleJoinMeetingButton:function(e){e.preventDefault(),document.body.appendChild(this.loader());const n=document.getElementById(\"vczapi-jvb-display-name\"),t=document.getElementById(\"vczapi-jvb-email\"),i=document.getElementById(\"meeting_password\"),o=document.querySelector(\".meeting-locale\");if(null!==n&&(null===n.value||\"\"===n.value))return this.infoContainer.innerHTML=\"Name is a Required field!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;if(null!==t&&(null===t.value||\"\"===t.value))return this.infoContainer.innerHTML=\"Email is a Required field!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;if(null!==i&&(null===i.value||\"\"===i.value))return this.infoContainer.innerHTML=\"Validation: Password is Required!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;const a=null!==n?n.value:\"\",r=null!==i?i.value:\"\",l=null!==t?t.value:\"\",s=null!==o.value?o.value:\"en-US\";this.handleJoinMeeting(a,r,l,s)},prepBeforeJoin:function(e,n){const t=e.data.key,i=e.data.sig,o=e.data.type,a=document.getElementById(\"vczapi-zoom-browser-meeting\");null!==a&&a.remove();const r={lang:n.locale,leaveUrl:this.redirectTo};let l={meetingNumber:parseInt(this.meetingID),userName:n.name,signature:i,userEmail:n.email,passWord:n.password?n.password:this.password,success:function(e){console.log(\"Join Meeting Success\")},error:function(e){console.log(e)}};const s=new URLSearchParams(window.location.search),c=Object.fromEntries(s.entries());null!==c.tk&&(l.tk=c.tk),window.location!==window.parent.location&&(r.leaveUrl=window.location.href),\"jwt\"===o?l.apiKey=t:\"sdk\"===o&&(l.sdkKey=t),this.joinMeeting(r,l)},joinMeeting:function(e,n){i.ZoomMtg.i18n.load(e.lang),i.ZoomMtg.init({leaveUrl:e.leaveUrl,isSupportAV:!0,meetingInfo:zvc_ajx.meetingInfo,disableInvite:zvc_ajx.disableInvite,disableRecord:zvc_ajx.disableRecord,disableJoinAudio:zvc_ajx.disableJoinAudio,isSupportChat:zvc_ajx.isSupportChat,isSupportQA:zvc_ajx.isSupportQA,isSupportBreakout:zvc_ajx.isSupportBreakout,isSupportCC:zvc_ajx.isSupportCC,screenShare:zvc_ajx.screenShare,success:function(){i.ZoomMtg.join(n)},error:function(e){console.log(e)}})}};document.addEventListener(\"DOMContentLoaded\",o.init())}},e=>{e(e.s=631)}]);\n\\ No newline at end of file\n+\"use strict\";(self.webpackChunkvideo_conferencing_with_zoom_api=self.webpackChunkvideo_conferencing_with_zoom_api||[]).push([[721],{631:(e,n,t)=>{var i=t(114);const o={meetingID:atob(zvc_ajx.meeting_id),redirectTo:zvc_ajx.redirect_page,password:!1!==zvc_ajx.meeting_pwd&&atob(zvc_ajx.meeting_pwd),infoContainer:document.querySelector(\".vczapi-zoom-browser-meeting--info__browser\"),init:function(){this.initSDK(),this.eventHandlers(),zvc_ajx.enable_direct_join_via_browser&&this.handleJoinOnInit()},initSDK:function(){i.ZoomMtg.preLoadWasm(),i.ZoomMtg.prepareWebSDK()},eventHandlers:function(){let e=document.getElementById(\"vczapi-zoom-browser-meeting-join-mtg\");null!=e&&(e.onclick=this.handleJoinMeetingButton.bind(this))},handleJoinOnInit:function(){const e=zvc_ajx.user_name,n=zvc_ajx.user_mail,t=this.password;this.handleJoinMeeting(e,t,n)},loader:function(){const e=document.createElement(\"span\");return e.id=\"zvc-cover\",e},generateSignature:async function(){const e=new FormData;return e.append(\"action\",\"get_auth\"),e.append(\"noncce\",zvc_ajx.zvc_security),e.append(\"meeting_id\",parseInt(this.meetingID)),(await fetch(zvc_ajx.ajaxurl,{method:\"POST\",body:e,credentials:\"same-origin\"})).json()},removeLoader:function(){null!==document.getElementById(\"zvc-cover\")&&document.getElementById(\"zvc-cover\").remove()},handleJoinMeeting:function(e,n,t,i){null==this.meetingID&&\"\"===this.meetingID||this.generateSignature().then((o=>{if(o.success){document.getElementById(\"zmmtg-root\").style.display=\"block\",this.removeLoader();const a={name:null!==e?e:\"\",password:null!==n?n:\"\",email:null!==t?t:\"\",locale:i};this.prepBeforeJoin(o,a)}}))},handleJoinMeetingButton:function(e){e.preventDefault(),document.body.appendChild(this.loader());const n=document.getElementById(\"vczapi-jvb-display-name\"),t=document.getElementById(\"vczapi-jvb-email\"),i=document.getElementById(\"meeting_password\"),o=document.querySelector(\".meeting-locale\");if(null!==n&&(null===n.value||\"\"===n.value))return this.infoContainer.innerHTML=\"Name is a Required field!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;if(null!==t&&(null===t.value||\"\"===t.value))return this.infoContainer.innerHTML=\"Email is a Required field!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;if(null!==i&&(null===i.value||\"\"===i.value))return this.infoContainer.innerHTML=\"Validation: Password is Required!\",this.infoContainer.style.color=\"red\",this.removeLoader(),!1;const a=null!==n?n.value:\"\",r=null!==i?i.value:\"\",l=null!==t?t.value:\"\",s=null!==o.value?o.value:\"en-US\";this.handleJoinMeeting(a,r,l,s)},prepBeforeJoin:function(e,n){const t=e.data.sig,i=document.getElementById(\"vczapi-zoom-browser-meeting\");null!==i&&i.remove();const o={lang:n.locale,leaveUrl:this.redirectTo};let a={meetingNumber:parseInt(this.meetingID),userName:n.name,signature:t,userEmail:n.email,passWord:n.password?n.password:this.password,success:function(e){console.log(\"Join Meeting Success\")},error:function(e){console.log(e)}};const r=new URLSearchParams(window.location.search),l=Object.fromEntries(r.entries());null!==l.tk&&(a.tk=l.tk),window.location!==window.parent.location&&(o.leaveUrl=window.location.href),this.joinMeeting(o,a)},joinMeeting:function(e,n){i.ZoomMtg.i18n.load(e.lang),i.ZoomMtg.init({leaveUrl:e.leaveUrl,isSupportAV:!0,meetingInfo:zvc_ajx.meetingInfo,disableInvite:zvc_ajx.disableInvite,disableRecord:zvc_ajx.disableRecord,disableJoinAudio:zvc_ajx.disableJoinAudio,isSupportChat:zvc_ajx.isSupportChat,isSupportQA:zvc_ajx.isSupportQA,isSupportBreakout:zvc_ajx.isSupportBreakout,isSupportCC:zvc_ajx.isSupportCC,screenShare:zvc_ajx.screenShare,success:function(){i.ZoomMtg.join(n)},error:function(e){console.log(e)}})}};document.addEventListener(\"DOMContentLoaded\",o.init())}},e=>{e(e.s=631)}]);\n\\ No newline at end of file\ndiff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.7\u002Fincludes\u002Fadmin\u002Fclass-zvc-admin-ajax.php \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.8\u002Fincludes\u002Fadmin\u002Fclass-zvc-admin-ajax.php\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.7\u002Fincludes\u002Fadmin\u002Fclass-zvc-admin-ajax.php\t2026-04-20 06:57:08.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fvideo-conferencing-with-zoom-api\u002F4.6.8\u002Fincludes\u002Fadmin\u002Fclass-zvc-admin-ajax.php\t2026-06-09 07:25:54.000000000 +0000\n@@ -180,15 +182,40 @@\n \t *\u002F\n \tpublic function get_auth()\n \t{\n-\t\tcheck_ajax_referer('_nonce_zvc_security', 'noncce');\n... (truncated)","1. Navigate to any page on the target site that displays a Zoom meeting (triggering the 'Join via Browser' scripts).\n2. Extract the AJAX nonce from the frontend HTML or the global JavaScript object `window.zvc_ajx.zvc_security`.\n3. Identify a valid Zoom meeting ID associated with the site.\n4. Send an unauthenticated POST request to `\u002Fwp-admin\u002Fadmin-ajax.php` with the parameters `action=get_auth`, `noncce=\u003CEXTRACTED_NONCE>`, and `meeting_id=\u003CMEETING_ID>`.\n5. Capture the JSON response, which contains the site's Zoom SDK API Key and a signed JWT signature for the provided meeting ID.\n6. Use these credentials with the Zoom Web SDK to join the target meeting.","gemini-3-flash-preview","2026-06-25 23:55:13","2026-06-25 23:56:20",{"type":41,"vulnerable_version":42,"fixed_version":11,"vulnerable_browse":43,"vulnerable_zip":44,"fixed_browse":45,"fixed_zip":46,"all_tags":47},"plugin","4.6.7","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fvideo-conferencing-with-zoom-api\u002Ftags\u002F4.6.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvideo-conferencing-with-zoom-api.4.6.7.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fvideo-conferencing-with-zoom-api\u002Ftags\u002F4.6.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvideo-conferencing-with-zoom-api.4.6.8.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fvideo-conferencing-with-zoom-api\u002Ftags"]