Exploit for #VU4856 Information disclosure in WordPress

Vulnerability identifier: #VU4856

Vulnerability risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2017-5487

CWE-ID: CWE-284

Exploitation vector: Network

Exploits in database: 3

• May 7, 2023
  • CVE-2017-5487-EXPLOIT (A PoC exploit for CVE-2017-5487 - WordPress User Enumeration.) [Github]
• April 27, 2020
  • wp-CVE-2017-5487-exploit (WordPress CVE-2017-5487 Exploit in Python) [Github]
• March 18, 2020
  • WordPress < 4.7.1 - Username Enumeration [Exploit-DB]

Vulnerable software:
WordPress
Web applications / CMS

Vendor: WordPress.ORG