[wp-testers] Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure
Andrew Nacin
wp at andrewnacin.com
Thu May 26 14:17:58 UTC 2011
On Thu, May 26, 2011 at 9:59 AM, Veronica <vero.valeros at gmail.com> wrote:
> -----------------------------------------------------------------------
> Talsoft S.R.L. Security Advisory
> WordPress User IDs and User Names Disclosure
> -----------------------------------------------------------------------
>
> I. Advisory information
> Title: WordPress User IDs and User Names Disclosure
> Advisory Id: TALSOFT-2011-0526
> Advisory URL:
> http://www.talsoft.com.ar/index.php/research/security-advisories/wordpress-user-id-and-user-name-disclosure
> Date published: 2011-05-26
<snip>
>
> - WordPress team agreed to release the security advisory.
Worth sharing here that the WordPress core team is under the opinion that
username disclosure is not and has never been a security vulnerability.
There will be no further work in this area.
Nacin
More information about the wp-testers
mailing list