(VULN) Username Login Not Case Sensitive

writer122 · Member · Jan 27, 2022 at 3:53 am
Copy link

Add topic to favorites
(27/01/2022) Today (10:35 am), i just found some bug or (may) vuln, this happen when i log in to my office website. Normally, i input the username same as user (lowercase) in wordpress, but in this case, in username input i involuntary log in with typo with UpperCase (Normally: ‘andy’ > POC: ‘AndY’). After i click log in button Normally this thing will failed the log in, but the wordpress still let me in with that’s typo. I dunno this is a bug, or some VULN, or a feature i never heard before.

WP.com: Unknown
Jetpack: Unknown
Correct account: Unknown

The blog I need help with is: (visible only to logged in users)
staartmees · Member · Jan 27, 2022 at 5:57 am
Copy link
What site are you talking about as http://hahaha952.wordpress.com/ has never been updated since 2016.
staff-sheva · Staff · Jan 27, 2022 at 4:29 pm
Copy link
Hi @writer122,

Can you please share the URL of the site that you’re referencing?

The topic ‘(VULN) Username Login Not Case Sensitive’ is closed to new replies.

Couldn't find what you needed?

Contact us

Get answers from our AI assistant, with access to 24/7 expert human support on paid plans.

Browse our guides

Find step-by-step solutions to common questions in our comprehensive guides.