Bypass Glitch in Wordfence 7.1.12 Enabled Username Discovery

Wordfence Plugin Header from WordPress Plugin Page

Alert from the the WPScan Team: a glitch in Wordfence version 7.1.12 enabled people to discover usernames if they did the username query using the ‘WWW’ version of the domain name.

This was fixed in version 7.1.14 – make sure you have updated..!

Stay safe,

Martin Malden

Martin Malden
Owner – WP Security Basics

P.S.Is your WordPress website as secure as it could be? Take a look at the WordPress security products I have reviewed (I use all of them and I’d be happy to answer any questions you may have):

{ 0 comments… add one }

Leave a Comment