WordPress Plugin Vulnerabilities

Stop User Enumeration <= 1.3.8 - REST API Bypass

Description

The Stop User Enumeration WordPress plugin was affected by a REST API Bypass security vulnerability.

Affects Plugins

Plugin icon
stop-user-enumeration
Fixed in 1.3.9

References

CVE
CVE-2017-1000226
URL
https://advisories.dxw.com/advisories/stop-user-enumeration-rest-api/
URL
https://seclists.org/fulldisclosure/2017/Jul/67

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
0b2cc284-213d-414b-9e6d-d10db0d90148

Timeline

Publicly Published
2017-07-25 (about 8 years ago)
Added
2017-07-28 (about 8 years ago)
Last Updated
2022-04-08 (about 4 years ago)

Other

Published
Title
Published
2025-07-24
Title
PPWP < 1.9.11 - Subscriber+ Access Bypass via REST API
Published
2023-10-03
Title
Captcha/Honeypot for Contact Form 7 < 1.11.4 - Captcha Bypass
Published
2020-02-10
Title
Profile Builder and Profile Builder Pro < 3.1.1 - User Registration With Administrator Role
Published
2024-04-15
Title
Zero Spam < 5.5.7 - Spam Protection Bypass
Published
2019-05-06
Title
W3 Total Cache < 0.9.7.4 - Cryptographic Signature Bypass