Warning: Version 1.3.4 of this plugin has known vulnerabilities
The version of this plugin that this recommendation was based on is known to be vulnerable to attack:
Warning: old version
This recommendation applies to version 1.3.4 of this plugin, but the most recent version is 1.3.11. These findings may no longer be correct.
- WordPress 4.7 includes an API for getting all users – this plugin does not block that
- Attempts to block traditional user enumeration via /?author=1 (and similar POST requests) but fails
Reason for the 'Potentially unsafe' result
The plugin has been given this recommendation at the tester's discretion:
We conduct these inspections for our own use, and publish them in the hope that they may be useful to others. We don't guarantee that these findings are correct.
Please read this site's terms of service before taking any action based on information published here.