Wordpress User Enumeration

What is the "Wordpress User Enumeration?"

The "Wordpress User Enumeration" module is designed to detect user enumeration vulnerabilities in Wordpress websites. It targets Wordpress, a popular content management system (CMS) used for creating websites and blogs. This module is classified as informative, meaning it provides information about potential vulnerabilities but does not actively exploit them. The original author of this module is r3dg33k.

Impact

User enumeration vulnerabilities in Wordpress can allow attackers to gather sensitive information about the website's users, such as usernames and email addresses. This information can be used for further attacks, such as brute-forcing login credentials or launching targeted phishing campaigns.

How the module works?

The "Wordpress User Enumeration" module works by sending a specific HTTP request to the target Wordpress website and analyzing the response. It checks if the response contains a redirect header with a specific format, indicating that user enumeration is possible. The module uses the following matching conditions:

- The response header must match the regular expression pattern: (?i)Location: http(s|):\\/\\/[\\w\\.\\-]+\\/author\\/\\w+

- The response status code must be 301 (Moved Permanently)

By analyzing the response headers and status code, the module can determine if the target Wordpress website is vulnerable to user enumeration.