CVE-2017-5487 (wordpress)

CVE-2017-5487 (wordpress)

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.

Source: CVE-2017-5487 (wordpress)

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다