The messaging used in failed login attempts in WordPress allows for user enumeration.
f48de67dabdc3e6987b8be56f8bdf8cf2efffaaac5d0ff60456f0e5349566759
#(+)Exploit Title: Wordpress Abuse of Functionality Vulnerability
#(+)Created By: ^Xecuti0n3r
#(+) Date : 23.04.2011
#(+) Hour : 13:37 PM
#(+) E-mail : xecuti0n3r()yahoo.com
Abuse of Functionality (WASC-42):-
Login Username enumeration is possible in Wordpress using a functionality provided by Wordpress itself ;)
Goto: https://site.com/wp-login.php
Case 1:
Enter Wrong Username + Wrong Password.
You'll get and Error stating: "ERROR: Invalid username." --> Which states that the username does not exist.
Case 2:
Enter Correct Username + Wrong Password.
You'll get and Error stating: "ERROR: The password you entered for the username <Entered_usrername> is incorrect."
This symblolises that the entered username is valid but the password is wrong.
This process can be automated, because it not protected by captcha. :)
#######################
(+)Exploit Coded by: ^Xecuti0n3r
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
#######################