The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path.
CVSS
No CVSS.
References
Configurations
No configuration.
History
17 Jul 2025, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-07-17 08:15
Updated : 2025-07-17 21:15
NVD link : CVE-2025-4302
Mitre link : CVE-2025-4302
JSON object : View
Products Affected
No product.
CWE
No CWE.