Cross-Origin Resource Sharing

A mechanism that controls which domains can make requests to your API.

How it works

A mechanism that controls which domains can make requests to your API.

WordPress REST API uses CORS headers. Misconfigured CORS can expose API endpoints to unauthorized requests.

WP HealthKit checks for Cross-Origin Resource Sharing-related vulnerabilities automatically

What Is Cross-Origin Resource Sharing? — WordPress Security Glossary | WP HealthKit