[wp-trac] [WordPress Trac] #61143: Our rest api User listing has chances to reveal username of Administrator User "wp-json/wp/v2/users"
WordPress Trac
noreply at wordpress.org
Sat May 4 04:23:39 UTC 2024
#61143: Our rest api User listing has chances to reveal username of Administrator
User "wp-json/wp/v2/users"
----------------------------------------------+----------------------------
Reporter: hlakkad1998 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: REST API | Version: 6.5
Severity: critical | Resolution:
Keywords: needs-privacy-review needs-patch | Focuses: rest-api,
| privacy
----------------------------------------------+----------------------------
Changes (by hlakkad1998):
* Attachment "rest-api-security-check.jpg" added.
This file shows that in this "wp-json/wp/v2/users" contains the admin user
name.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61143>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list