How I Hacked Medium (And Medium Hacked Me Back)


Vivek PS

I used to write on Medium — had followers, decent engagement, and articles that got noticed. But one day, I stumbled upon a loophole that let me read all the paywalled stories for free. No shady extensions, no incognito tricks — just Medium’s own system working against itself.

Connect with me: https://linktr.ee/vivekps

My article is open to everyone; non-member readers can click this link to read the full text.

New to Bug Bounty Hunting? Before diving into this article, check out my previous posts:

My Bug Bounty Journey: How I Started Earning — Learn how I went from a beginner to making money with bug bounties.

The Easiest Bug finding for Beginners — Discover a simple vulnerability that new hunters can find and report.

How a Simple Bug in Meta Earned Me $1,000 — My Bug Bounty Experience

How easy is to earn from bug bounties? — Income from bug bounty

Medium allows every new account to read one paywalled article for free. No subscription, no payment — just a little taste before they nudge you to pay.

Medium allows users to delete their accounts. Simple enough. But then, you can sign up again using the exact same email.

I thought, Wait… if I delete and re-sign up, does that mean I get a fresh free article every time?

I tried it. But Medium wasn’t that naive. When I attempted to re-register, it blocked me with:

“Can’t sign up because the email has been used multiple times.”

Okay, fair enough. But then I noticed something interesting.

During the signup process, after Google OAuth completes but before hitting the final submit button, Medium passes an email parameter in the request.

What if I just… change it?
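The server-side rule this flow depends on, as an added example (not Medium's code and not from the original post): the signup is finalized with the email the identity provider asserted, and an `email` value arriving in the final request is never used as the account identity. The class, method and field names and the limit of 2 are assumptions made for illustration; a weak variant is shown beside the hardened one for contrast.

```python
# Added illustration; not Medium's code. All names and the limit are assumed.
from dataclasses import dataclass, field

MAX_SIGNUPS_PER_EMAIL = 2  # assumed policy value


class SignupRejected(Exception):
    pass


def canonical(email: str) -> str:
    return email.strip().lower()


@dataclass
class SignupService:
    signup_counts: dict = field(default_factory=dict)  # email -> accounts created
    pending: dict = field(default_factory=dict)  # signup id -> IdP-asserted email

    def oauth_completed(self, signup_id: str, idp_email: str, verified: bool) -> None:
        # Called from the OAuth callback, after the ID token has been validated.
        if not verified:
            raise SignupRejected("identity provider did not verify this email")
        self.pending[signup_id] = canonical(idp_email)

    def _create(self, email: str) -> str:
        if self.signup_counts.get(email, 0) >= MAX_SIGNUPS_PER_EMAIL:
            raise SignupRejected("email has been used multiple times")
        self.signup_counts[email] = self.signup_counts.get(email, 0) + 1
        return email

    def finalize_weak(self, signup_id: str, form: dict) -> str:
        # Weak: the reuse limit is applied to whatever email the request carries.
        self.pending.pop(signup_id, None)
        return self._create(canonical(form["email"]))

    def finalize(self, signup_id: str, form: dict) -> str:
        # Hardened: the account email comes from server-side state only.
        email = self.pending.pop(signup_id, None)  # single use
        if email is None:
            raise SignupRejected("no completed OAuth flow for this signup")
        submitted = form.get("email")
        if submitted is not None and canonical(submitted) != email:
            raise SignupRejected("submitted email does not match OAuth identity")
        return self._create(email)
```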
