login as subscriber , send this request to admin-ajax.php action=wpfront_user_role_editor_assign_roles_user_autocomplete&term=true
it will return all user data except logged in one
here is the columns that are returned
Attacker can use email address to look for public breaches using a tool like this one
https://github.com/thewhiteh4t/pwnedOrNot
attacker can download the vk.com breach happend at 2012 and lookout for the victim password which will help in login and may be not changed at all