There are several security issues that have been identified with the WordPress REST API. These include:
- Unauthenticated access: By default, the REST API allows unauthenticated access to some of its endpoints. These include access to the all users who have made a public post or comment.
- Permission escalation: If a user has access to certain endpoints, they may be able to use that access to gain access to other parts of the website that they should not have access to.
- Injection attacks: Because the REST API uses parameters in the URL to determine what data to return, it is vulnerable to injection attacks, where an attacker can inject malicious code into the URL to gain access to sensitive data.
- Misconfigured plugin: Some WordPress plugin may not be properly configured that leaves the website vulnerable.
It is important to keep your WordPress installation and plugins updated, and to use proper authentication and access controls to limit access to the REST API and other sensitive parts of your website. Additionally, use security plugin to scan for vulnerabilities.