This plugin looked very promising to me since I don’t like “enumerating” user details which I consider a data leak. I tried it on a test site and indeed a query like /wp-json/wp/v2/users/1 will now properly not show user details when not logged in. But when checking the sanity report that was introduced in 5.2 I am now getting erros on cURL error 28: Operation timed out after 10000 milliseconds with 0 bytes received and a warning on wp_version_check(). So not so good then. I disabled the plugin, issue remains. I deleted the plugin, issue remains. I restored the whole site and db and the issue still remains… I don’t understand what traces it can leave to leave the REST API broek like that ? Doesn’t make sense to me… Any special things to take care off to completely remove all traces ?
- The topic ‘Plugin breaks REST API even when disabled’ is closed to new replies.