Wordpress Username Enumeration
It is possible to enumerate Wordpress usernames.
- wordpress
- username
- enumeration
Username enumeration allows an attacker to guess usernames, which may enable them to log in to the application. This attack is often performed in combination with brute force attacks.
Impact
Attackers can enumerate Wordpress usernames which can be subsequently used for password spraying and other types of brute force attacks.
Solution
Consider disabling username enumeration by using specialised security plugins.
Was this page helpful?