Disable the REST API user endpoints due to obscure user slugs
Author: | Niels Lange (profile at wordpress.org) |
WordPress version required: | 5.5 |
WordPress version tested: | 6.4.3 |
Plugin version: | 2.2 |
Added to WordPress repository: | 24-12-2016 |
Last updated: | 15-10-2023 |
Rating, %: | 100 |
Rated by: | 2 |
Plugin URI: | https://github.com/nielslange/smntcs-disable-... |
Total downloads: | 15 579 |
Active installs: | 3 000+ |
Click to start download |
With WordPress 4.7 the REST API is part of the core. At the moment everyone has read access to the REST API. As a result of that a potential intruder can retrieve a list of all user slugs via /wp-json/wp/v2/users
. This plugin disables the REST API user endpoints to obscure the user slugs.
Contribute
Contributions are more than welcome. Simply head over to Github and open an issue or a pull request.
ChangeLog