Hi there,
we found 8 vulnerabilities are related to CORS (cross-origin resource sharing) misconfiguration which could cause the website at a high-risk of compromise resulting in an impact on the confidentiality and integrity of data by allowing third-party sites to carry out privileged requests through our web site’s authenticated users such as retrieving user setting information or saved payment card data.
All of the 8 vulnerabilities are related to wp-json, see below report:
How can we solve this?