WordPress Plugin Vulnerabilities
WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API
Description
The plugin does not properly block access to the REST API users endpoint when the blog is installed in a subdirectory, which could allow attackers to bypass the restriction in place and list users.
Proof of Concept
When the "Block access to users' data via REST API" setting is enabled (wp-admin/admin.php?page=cerber-security&tab=hardening), the following request still lists users:
https://example.com/subdir//wp-json/wp/v2/users
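As an added illustration, not code from the advisory or from the WP Cerber plugin, the Python below shows why a prefix match on the raw request path misses the doubled-slash variant of the users endpoint, and how normalizing the path before matching closes that gap; it also runs both checks over constructed access-log lines so a defender can find requests the naive check would have let through. The site base path, the log lines and the assumption that the restriction works as a path match are all constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed assumptions: WordPress lives under /subdir and the restriction is
# enforced by matching the request path against the REST users route.
SITE_BASE = "/subdir"
USERS_ROUTE = "/wp-json/wp/v2/users"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')

# Constructed access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Dec/2022:10:00:01 +0000] "GET /subdir/wp-json/wp/v2/posts HTTP/1.1" 200 812
203.0.113.5 - - [12/Dec/2022:10:00:02 +0000] "GET /subdir/wp-json/wp/v2/users HTTP/1.1" 403 74
203.0.113.5 - - [12/Dec/2022:10:00:03 +0000] "GET /subdir//wp-json/wp/v2/users HTTP/1.1" 200 1543
"""

def naive_is_users_request(raw_path: str) -> bool:
    """Prefix match on the raw path: the kind of check a doubled slash slips past."""
    return raw_path.startswith(SITE_BASE + USERS_ROUTE)

def canonical_path(raw_path: str) -> str:
    """Drop the query, percent-decode, collapse repeated slashes, resolve . and .."""
    segments = []
    for seg in unquote(raw_path.split("?", 1)[0]).split("/"):
        if seg in ("", "."):      # empty segment == repeated or trailing slash
            continue
        if seg == "..":
            if segments:
                segments.pop()
            continue
        segments.append(seg)
    return "/" + "/".join(segments)

def hardened_is_users_request(raw_path: str) -> bool:
    """Match the users route only after normalizing and stripping the site base."""
    path = canonical_path(raw_path)
    if path == SITE_BASE or path.startswith(SITE_BASE + "/"):
        path = path[len(SITE_BASE):] or "/"
    return path == USERS_ROUTE or path.startswith(USERS_ROUTE + "/")

def audit_log(log_text: str):
    """Return (path, naive_hit, hardened_hit) per request so misses can be reviewed."""
    results = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if m:
            p = m.group(1)
            results.append((p, naive_is_users_request(p), hardened_is_users_request(p)))
    return results
```

Requests where `hardened_hit` is true but `naive_hit` is false are the ones a raw-path restriction would have missed; the same normalization belongs in front of any path-based block list, not only this endpoint.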
Affects Plugins
References
CVE
Miscellaneous
Original Researcher
Abdul Muneeb
Submitter
Abdul Muneeb
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-12-12 (about 1 year ago)
Added
2022-12-12 (about 1 year ago)
Last Updated
2022-12-12 (about 1 year ago)