During my OSINT search, I discovered a method to confirm whether or not an e-mail address is saved on WordPress or not.
https://public-api.wordpress.com/rest/v1.1/users/#VendanNotes@gmail.com/auth-options?http_envelope=1
If an email isn't registered, you'll get the following JSON:
{"code":403,"headers":[{"name":"Content-Type","value":"application\/json"}],"body":{"error":"email_login_not_allowed","message":"Please log in using your WordPress.com username instead of your email address."}}
Comments
Post a Comment