[wp-trac] [WordPress Trac] #53561: Posts publicly displaying my username even though I have selected a different name in profile settings.
WordPress Trac
noreply at wordpress.org
Wed Jun 30 15:35:04 UTC 2021
#53561: Posts publicly displaying my username even though I have selected a
different name in profile settings.
--------------------------+----------------------
Reporter: gabrieldiggs | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+----------------------
Changes (by desrosj):
* status: assigned => closed
* resolution: => invalid
* version: 5.7.2 =>
* component: General => Security
* milestone: Awaiting Review =>
Comment:
Hi @gabrieldiggs,
Thanks for this ticket!
Unfortunately, the amount of information provided is not enough to
determine why your username is displaying instead of your display name.
But this could be an intentional decision by the theme you are using.
The WordPress project also does not consider usernames or user IDs to be
private or secure information. This is outlined in the
[https://make.wordpress.org/core/handbookWordPress Core Handbook] on the
[https://make.wordpress.org/core/handbook/testing/reporting-security-
vulnerabilities/#why-are-disclosures-of-usernames-or-user-ids-not-a
-security-issue Reporting Security Vulnerabilities page].
In the future, issues that are believed to be security problems should be
disclosed **responsibly and privately** to the
[https://hackerone.com/wordpress project's HackerOne account]. If this
were something that was considered a security issue that should be
addressed, creating a public ticket here in Trac would expose every
WordPress site to the vulnerability being detailed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53561#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list