BeTheme is leaking author-login in class names
BeTheme is leaking blog authors' login name. I think this is a security problem.
My only blog which has BeTheme is regularly brute force attacked daily by bots. One of my friends has the same problem. We discovered that BeTheme uses author login name in classes and bots get the author names and try to guess weak passwords.
Can you please change this behavior removing author login from classes and adding user-ID or author display name or some other information there?
Cheers,
Comments
we did checked our Muffin Login widget already and as you can see on http://pasteboard.co/6tSAygl1r.png we didn't found anything like that.
Did you saw the screenshot we sent you above from default WP theme http://pasteboard.co/ECKAMeWj.png ? If you saw it, you can see that username logins are being auto-generated by WordPress itself.