Stop User Enumeration

User enumeration is a technique used by hackers to get your login name if you are using permalinks. This plugin stops that.

More information »

Use with caution

Confidence: Medium This plugin has been given a short, targeted code review.

Before using this plugin, you should carefully consider these findings.

More information about this recommendation

Warning: Version 1.3.8 of this plugin has known vulnerabilities

The version of this plugin that this recommendation was based on is known to be vulnerable to attack:

Warning: old version

This recommendation applies to version 1.3.8 of this plugin, but the most recent version is 1.3.12. These findings may no longer be correct.

Findings

  • Contains a setting to “Stop REST API User calls”, but there’s a way to work around it

Reason for the 'Use with caution' result

The plugin contains or is likely to contain a vulnerability which could be exploited by a privileged user to affect the site’s confidentiality, integrity or availability in a manner exceeding their privileges:

We conduct these inspections for our own use, and publish them in the hope that they may be useful to others. We don't guarantee that these findings are correct.

Please read this site's terms of service before taking any action based on information published here.

Testers
Tom Adams
Last revised
July 25, 2017
Versions tested
1.3.8
Plugin homepage
Stop User Enumeration
Other versions