"No users found" when enumerating users with wpscan 3.5.0 #1330

Closed
iamjmat opened this issue Apr 7, 2019 · 2 comments

iamjmat commented Apr 7, 2019

Hi,
I am using wpscan 3.5.0 and I am trying to do the DerpNStink CTF. When enumerating users, it just seems to skip and show "No users found".
Please find below the command and output:

wpscan --enumerate u  ap at --url http://derpnstink.local/weblog/ --ignore-main-redirect --force --wp-content-dir wp-content --max-threads  2 --detection-mode aggressive
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 3.5.0
          Sponsored by Sucuri - https://sucuri.net
      @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
_______________________________________________________________

[+] URL: http://derpnstink.local/weblog/
[+] Started: Sun Apr  7 10:30:18 2019

Interesting Finding(s):

[+] http://derpnstink.local/weblog/xmlrpc.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | References:
 |  - http://codex.wordpress.org/XML-RPC_Pingback_API
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
 |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access

[+] http://derpnstink.local/weblog/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] http://derpnstink.local/weblog/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 4.6.14 identified (Latest, released on 2019-03-13).
 | Detected By: Opml Generator (Aggressive Detection)
 |  - http://derpnstink.local/weblog/wp-links-opml.php, Match: 'generator="WordPress/4.6.14"'
 | Confirmed By: Query Parameter In Install Page (Aggressive Detection)
 |  - http://derpnstink.local/weblog/wp-includes/css/buttons.min.css?ver=4.6.14
 |  - http://derpnstink.local/weblog/wp-admin/css/install.min.css?ver=4.6.14
 |  - http://derpnstink.local/weblog/wp-includes/css/dashicons.min.css?ver=4.6.14

[i] The main theme could not be detected.

[+] Enumerating Users (via Aggressive Methods)
 Brute Forcing Author IDs - Time: 00:00:00 <==> (10 / 10) 100.00% Time: 00:00:00

[i] No Users Found.


[+] Finished: Sun Apr  7 10:30:18 2019
[+] Requests Done: 12
[+] Cached Requests: 37
[+] Data Sent: 5.115 KB
[+] Data Received: 4.21 KB
[+] Memory used: 81.695 MB
[+] Elapsed time: 00:00:00d
@erwanlr erwanlr closed this as completed in 8145a4a Apr 7, 2019

erwanlr commented Apr 7, 2019

Thank you for the report, this has been fixed in 3.5.1, released a few minutes ago :)


iamjmat commented Apr 7, 2019

Thanks for the quick fix. Will update wpscan and check if the issue persists.
