Add /wp-json/wp/v2/users

Add /wp-json/wp/v2/users WP REST API endpoint which exposes sensitive information - list of all WP users, which could be used for brute-force attacks.

Discovery/Web-Content/quickhits.txt

@@ -2330,6 +2330,7 @@
 /wp-content/plugins/disqus-comment-system/disqus.php
 /wp-content/plugins/google-sitemap-generator/sitemap-core.php
 /wp-content/uploads/
+/wp-json/wp/v2/users
 /wp-register.php
 /wp.php
 /wp.rar/