User enumeration is a technique used by attackers to discover valid usernames associated with a CMS or website. By exploiting certain features, bad actors can compile a list of usernames, which can then be used to launch brute force attacks. These attacks systematically try various password combinations to gain unauthorized access to user accounts on your WordPress site. The consequences can be severe, including unauthorized modifications to website content, data breaches, and even complete site takeovers.

Continue reading WordPress User Enumeration: Risks & Mitigation Steps at Sucuri Blog.

Via Sucuri.net