DigitalOcean.com hacking w/ wp-json
-
today, the following appeared in log. normally, only the last 2 entries appear, but today ///wp-json/wp/v2/users/ appeared.
URL gives full access to administrators, editors, authors details — user ID etc.
167.71.87.135, , ///wp-json/wp/v2/users/, 3/15/20, 9:03 AM, 249, 301, GET, HTTP/1.1, Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
167.71.87.135, , ///?author=1, 3/15/20, 9:03 AM, 238, 301, GET, HTTP/1.1, Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
167.71.87.135, , /wp-login.php, 3/15/20, 9:03 AM, 241, 301, GET, HTTP/1.1, Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
- The topic ‘DigitalOcean.com hacking w/ wp-json’ is closed to new replies.
