[affiliates.udemy.com] WordPress user admin information disclosure
Low
Udemy
Reported by
toannc123
Vulnerability Details
Technical details and impact analysis
## Summary
This website is using the WordPress CMS, and the developer forgot to disable the link that can be used to view information about the admin users.
By accessing this link, an attacker can get all usernames and other information of the admin users:
> http://affiliates.udemy.com/wp-json/wp/v2/users
{F312155}
Admin user list:
* hamza
* imanrana
* nupoora
## Impact
With this vulnerability, an attacker can get the usernames of the admin users and then only needs to brute-force the password to log in to the system.
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Weakness: Information Disclosure
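
One way to close the endpoint named in this report to unauthenticated visitors, shown as an added example that is not part of the original report and is not Udemy's actual fix (the page does not describe it). The must-use plugin file name and the choice to keep the routes for logged-in users are assumptions.

```php
<?php
/**
 * Plugin Name: Hide REST user routes from anonymous visitors (example)
 *
 * Assumed location: wp-content/mu-plugins/hide-rest-users.php
 * (hypothetical file name chosen for this example).
 */

add_filter( 'rest_endpoints', function ( $endpoints ) {
    // Logged-in users keep the routes; the editor and admin screens rely on them.
    if ( is_user_logged_in() ) {
        return $endpoints;
    }

    foreach ( array_keys( $endpoints ) as $route ) {
        // Matches /wp/v2/users and its sub-routes, e.g. /wp/v2/users/(?P<id>[\d]+).
        if ( 0 === strpos( $route, '/wp/v2/users' ) ) {
            unset( $endpoints[ $route ] );
        }
    }

    return $endpoints;
} );
```

With this filter active, an anonymous request to `/wp-json/wp/v2/users` gets a 404 `rest_no_route` error instead of the user list. It does not make usernames secret by itself, so rate limiting and strong or multi-factor authentication on the login page remain the control against the brute-force step the report describes.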