CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Fullworksplugins 1Stop User Enumeration Jun 17, 2026 Jul 17, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path. |
1Fullworksplugins 1Stop User Enumeration Jan 23, 2026 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS. |
1Fullworksplugins 1Stop User Enumeration May 13, 2026 Nov 17, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Stop User Enumeration 1.3.8 allows user enumeration via the REST API |