Published in


How i got a free delivery by signing up with “” #Bug Bounty write up

Hello everyone, today i’m back with another write-up, in this write-up i will explain, how i got a free delivery access to all my orders by signing-up with “”.

Let’s start,

When the target website doesn’t have 2F-Authentication enabled, this type of vulnerability usually works or it also works when the 2F-authentication enabled for mobile number.

Before registering to the account, i tried “”, “” and some other, but got an error “this email id is already taken” so i registered with other email address “” after many errors.

Steps to reproduce

1) Signup with “
2) Check the profile tab you may see the extra privileges for your account.
3) Place the order.

To cross check created another normal user account “” and placed a order with same location but i didn’t get any free delivery for the item.


1) By registering the account with “” you easily get a free delivery access to your orders.
2) Extra privileges.


1) Try to break things logically
2) Don’t give up.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store