Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
FullworkspluginsStop User Enumeration

3 matches found

CVE
CVEadded 2017/11/17 5:0 a.m.210 views

CVE-2017-1000226

The CVE-2017-1000226 entry concerns WordPress Stop User Enumeration plugin version 1.3.8. The available connected data indicate a vulnerability that allows user enumeration via the REST API. The issue is described consistently across sources as stemming from the REST interface exposing username i...

5.3CVSS5.3AI score0.01373EPSS
CVE
CVEadded 2019/08/21 11:40 a.m.82 views

CVE-2017-18536

CVE-2017-18536 affects the WordPress plugin “Stop User Enumeration” (before version 1.3.8). The vulnerability is an unauthenticated reflected cross-site scripting (XSS) in the plugin, exploited via user-supplied input (e.g., author parameter) that can execute script in a victim’s browser. Impact ...

6.1CVSS6.3AI score0.0203EPSS
Web
CVE
CVEadded 2025/07/17 7:37 a.m.54 views

CVE-2025-4302

The CVE-2025-4302 issue affects the Stop User Enumeration WordPress plugin prior to version 1.7.3, where an authentication bypass is possible by URL-encoding the REST API path /wp-json/wp/v2/users/. This bypass defeats the plugin’s user-enumeration protections, and may facilitate brute-force atte...

5.3CVSS6.6AI score0.00847EPSS
Web