Every time a site admin leaves a comment on his blog, WordPress automatically adds a CSS class that reveals his login username. The class is comment-author-admin. So if the admin’s username is wpfuss for example, the class will render as comment-author-wpfuss.
To fix this problem just paste the code below to your functions.php theme file:
function remove_comment_author_class( $classes ) {
foreach( $classes as $key => $class ) {
if(strstr($class, "comment-author-")) {
unset( $classes[$key] );
}
}
return $classes;
}
add_filter( 'comment_class' , 'remove_comment_author_class' );
I’m not sure what’s the purpose for this class since we can use the bypostathor class to style the authors comments. Either way you’re better off hiding it.
Credits: c.bavota
Excellent. You’re the first I’ve seen to post this. This is definitely a security oversight by the WordPress guys . . .
It would have been a lot better if comment-author-admin rendered the admin’s first name, rather than their username.
Yup… definitely an oversight.
It’s not an oversight, it is intended behavior. Your login name is public in a number of places — not unlike countless other web applications and services — and this is just one of those locations. (Another example is author pages, e.g. example.com/author/nacin/.)
Hey thanks for stopping by Andrew.
So what you’re saying is that WP doesn’t consider a security issue the fact that anyone can know your login name?