| |
Vulnerability CVE-2022-4417
Published: 2023-01-02
| Description: |
The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users |
Type:
CWE-639 (Authorization Bypass Through User-Controlled Key)
References: |
https://wpscan.com/vulnerability/a8c6b077-ff93-4c7b-970f-3be4d7971aa5
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|