WordPress vulnerable to multiple attacks at https://nextcloud.com
Medium
Vulnerability Details
**summary:**
Your current version of WordPress is vulnerable to multiple attacks; check (INFO.php).
**available attacks:**
- Unauthenticated Arbitrary File Deletion
- lib/IPTraf.php User-Agent Header Stored XSS
- Password Creation Restriction Bypass
- wp-admin/admin.php whois Parameter Stored XSS
- XSS & IAA
- Banned IP Functionality Bypass
- XSS in Referer Header
- Username Enumeration
**POC**
I was able to enumerate some of your users; check (POC.png).
## Impact
An attacker can use any of these attacks and steal a lot of information from your website,
as I did with *Username Enumeration*.
Report Stats
- Report ID: 476526
- State: Closed
- Substate: resolved
- Upvotes: 11