Nextcloud: Wordpress Users Disclosure

ID H1:625199
Type hackerone
Reporter abay
Modified 2019-07-01T09:32:11


Information Using REST API, we can see all the WordPress users/author with some of their information.

Step to Reproduce You can get user info by entering below url in your browser:

Reference: #356047


Authors : LTR , LTREditor can be created scenario of doing bruteforce attacks to this users.