Vulnerability Database

Wordpress XM-RPC listMethods Exposure

XML-RPC system.listMethods is used to view a list of available methods that may be called on the remote system.

Attackers can use this information to launch various types of attacks against a vulnerable Wordpress installation. For example, it is possible to enumerate the installed blogs as well as users.

Solution

Consider disabling system.listMethods by using XML-RPC method filters.

References

Suite

Free
  • Suitable For Non-commercial Use
  • Limited Features
  • Cloud Storage

Suite Pro

$9500person/month
  • Suitable For Commercial Use
  • Unlimited Features
  • Cloud Storage

Ultimate

Enterprise
  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration
  • Single Tenant
  • Dedicated Support
  • Custom Integrations
  • Annual or Monthly, Fixed-cost Billing