brute force attack allowed on admin page https://www.stellar.org/wp-admin/
Medium
Vulnerability Details
Hi security team,
- Due to your bug bounty program, I found a basic authentication method
- By doing many trials, the server will respond and will not block the logging-in process
- The attack can be automated with Burp Intruder until getting access to the admin page
- In the second screen, the request is intercepted by Burp Proxy
F290121:
- In the third and fourth screens, I used Burp Intruder to automate the brute-force attack (I tried only 9 times to make a PoC)
F290122:
F290123:
## Impact
If the attack is completed, the admin page is accessed
Report Stats
- Report ID: 342977
- State: Closed
- Substate: informative
- Upvotes: 16
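A defender-side view of the behaviour reported above, added here as an example and not part of the original report: failed HTTP Basic authentication shows up as `401` responses, so repeated `401`s for `/wp-admin/` from one client inside a short window can be flagged from the access log. The log format (Common Log Format), the threshold of 5 failures per 60 seconds, and the sample lines with documentation IP addresses are assumptions constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample access-log lines (Common Log Format); not taken from the report.
SAMPLE_LOG = "\n".join(
    # One client failing Basic auth 9 times in 24 seconds, as in the 9-attempt PoC.
    [f'192.0.2.10 - - [01/Jan/2024:10:00:{s:02d} +0000] "GET /wp-admin/ HTTP/1.1" 401 381'
     for s in range(0, 27, 3)]
    # A user who mistypes once and then succeeds, plus unrelated traffic.
    + ['198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /wp-admin/ HTTP/1.1" 401 381',
       '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120',
       '203.0.113.4 - - [01/Jan/2024:10:00:11 +0000] "GET /blog/ HTTP/1.1" 200 9042']
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def find_bruteforce(log_text, path_prefix="/wp-admin", max_failures=5,
                    window=timedelta(seconds=60)):
    """Return {ip: peak 401 count} for clients with more than max_failures
    failed requests to path_prefix inside any sliding window."""
    recent = defaultdict(deque)  # ip -> timestamps of 401s still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["status"] != "401" or not m["path"].startswith(path_prefix):
            continue  # unparsable line, successful request, or a different path
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # expire failures older than the window
            q.popleft()
        if len(q) > max_failures:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged

if __name__ == "__main__":
    for ip, count in find_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {count} failed Basic auth attempts on /wp-admin within 60s")
```

The same per-client counter is what a lockout or rate-limit rule at the web server or WAF would enforce; here it only reports.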