The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this

WORDPRESS

17-07-2025 05:20

CVE-2025-4302 Vulnerabilidad documentada

Sin puntuación

Tags

#wordpress

#plugin

#wp

#bypass

#pass

Descripción

The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the path.

https://wpscan.com/vulnerability/19f67d6e-4ffe-4126-ac42-fb23c5017a3e

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2025-4302

Resultados similares

Coincidentes en almenos en 50% de los tags

17-07-2025 CVE-2025-5678
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vu...
Ver información

17-07-2025 CVE-2025-3780
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compati...
Ver información