Open API For Username enumeration

Disclosed: 2018-07-23 14:33:47 By sameerphad72 To wordpress
Low
Vulnerability Details
We can do username enumeration.

Reproduce:

1. Go to any WordPress site.
2. www.site.com/?author=1 (type ?author=1 at the end of the site)
3. You will get www.site.com/author/admin (now, admin is the username for the login panel of that site)

Thanks,
Sameer Phad

## Impact

-
Report Stats
  • Report ID: 385322
  • State: Closed
  • Substate: not-applicable
  • Upvotes: 24
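
For defenders, the behaviour in the report can be watched for in web server access logs. The following Python is an added example, not part of the report or of WordPress: it flags clients that request `?author=N` for several distinct IDs and lists the IDs that were answered with a redirect. The log lines are constructed, and the combined log format, the `min_ids` threshold and the function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not taken from the report.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Jul/2018:14:01:02 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "curl/7.58.0"
203.0.113.7 - - [23/Jul/2018:14:01:02 +0000] "GET /author/admin/ HTTP/1.1" 200 5120 "-" "curl/7.58.0"
203.0.113.7 - - [23/Jul/2018:14:01:03 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "curl/7.58.0"
203.0.113.7 - - [23/Jul/2018:14:01:04 +0000] "GET /?author=3 HTTP/1.1" 404 0 "-" "curl/7.58.0"
198.51.100.9 - - [23/Jul/2018:14:05:10 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "Mozilla/5.0"
198.51.100.9 - - [23/Jul/2018:14:06:00 +0000] "GET /?p=42&author=x HTTP/1.1" 200 900 "-" "Mozilla/5.0"
192.0.2.4 - - [23/Jul/2018:14:07:00 +0000] "GET /blog/?s=author%3D1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# client IP, request target and status code from one combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) ')

def author_probes(log_text):
    """Map client IP -> {author_id: status} for requests with a numeric ?author=N."""
    probes = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        # Parse the real query string so "author=" inside another value is ignored.
        for value in parse_qs(urlsplit(target).query).get("author", []):
            if value.isascii() and value.isdigit():
                probes[ip][int(value)] = status
    return dict(probes)

def flag_enumerators(log_text, min_ids=3):
    """Clients that probed >= min_ids distinct author IDs (threshold is an assumption).

    The value is the sorted list of IDs answered with a 3xx, i.e. the redirect to
    /author/<name> that the report describes.
    """
    flagged = {}
    for ip, hits in author_probes(log_text).items():
        if len(hits) >= min_ids:
            flagged[ip] = sorted(i for i, s in hits.items() if 300 <= s < 400)
    return flagged

if __name__ == "__main__":
    for ip, leaked in flag_enumerators(SAMPLE_LOG).items():
        print(f"{ip}: sequential ?author= probing, redirects returned for IDs {leaked}")
```
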