The WordPress Stop User Enumeration Plugin for WordPress is vulnerable to a security bypass in versions up to 1.2.4. This means that unauthenticated attackers can perform actions that should be secured. The vulnerability exists because the protection offered by the plugin only works when it receives GET requests, not POST requests.