Vulnerabilities and Security Researches

Vulnerabilities and security researches forstop-user-enumeration stop-user-enumeration

Direction: ascending

Jun 07, 2024

Stop User Enumeration # CVE-2017-18536

CVE, Research URL: CVE-2017-18536
Home page URL: Security reports for Stop User Enumeration
Application: Stop User Enumeration
Date: Aug 21, 2019
Research Description: The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
Affected versions: max 1.3.20.
Status: vulnerable

Stop User Enumeration # CVE-2017-1000226

CVE, Research URL: CVE-2017-1000226
Home page URL: Security reports for Stop User Enumeration
Application: Stop User Enumeration
Date: Nov 17, 2017
Research Description: Stop User Enumeration 1.3.8 allows user enumeration via the REST API
Affected versions: max 1.2.5.
Status: vulnerable

Jul 19, 2025

Stop User Enumeration # CVE-2025-4302

CVE, Research URL: CVE-2025-4302
Home page URL: Security reports for Stop User Enumeration
Application: Stop User Enumeration
Date: Jul 17, 2025
Research Description: The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path.
Affected versions: max 1.7.3.
Status: vulnerable