Exploit for #VU4856 Information disclosure in WordPress

Exploit for #VU4856 Information disclosure in WordPress

Published: 2020-03-18 | Updated: 2023-05-07

Vulnerability identifier: #VU4856

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5487

CWE-ID: CWE-284

Exploitation vector: Network

Exploits in database: 3

May 7, 2023
- CVE-2017-5487-EXPLOIT (A PoC exploit for CVE-2017-5487 - WordPress User Enumeration.) [Github]
April 27, 2020
- wp-CVE-2017-5487-exploit (WordPress CVE-2017-5487 Exploit in Python) [Github]
March 18, 2020
- WordPress < 4.7.1 - Username Enumeration [Exploit-DB]

Impact: Information disclosure

Vulnerable software:
WordPress
Web applications / CMS

Vendor: WordPress.ORG