Pinny’s REST Lock is a WordPress plugin that blocks public access to REST API user endpoints, preventing user enumeration attacks while maintaining full site functionality for authorized users. It is designed for site administrators seeking to improve WordPress security.
Pinny’s REST Lock sits in PulseGate's Security & compliance platforms category. It prevents attackers from enumerating WordPress users via the REST API, reducing a common security risk. It is built as a B2B product for wordPress site administrators. Pinny’s REST Lock costs nothing to use. The product ships for the web.
Behind Pinny’s REST Lock is Pinny Fried, and the product first shipped in 2026. PulseGate's similarity index finds few close equivalents — Pinny’s REST Lock occupies a relatively distinct niche. Key capabilities include REST API protection, user enumeration block, and role-based access. The interface is available in English and Kyrgyz.
Latest indexed changes and source events
wordpress.org discovered by the PulseGate indexer