The topic "Leaking usernames through endpoints in WordPress" refers to a security vulnerability where sensitive user information, specifically usernames, can be accessed or exposed through certain API endpoints or interactions with the WordPress platform. This issue can lead to unauthorized access and targeted attacks, such as brute-force attacks, as attackers can compile a list of valid usernames. It highlights the importance of securing API endpoints and implementing proper access controls to protect user data within web applications.
https://hackerone.com/reports/1785021