Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
prevent user name enumaration/leakage #4
WordPress by default have two easy ways for non authenticated user to discover user names (at least the author ones), by canonical redirect from the "old" url formats, and by querying the user information via the REST API.
In addition WordPress gladly discloses which user names and emails are in use via login and password reset error messages.