Just found a crazy vulnerability and have no idea how to fix it.

Here is a situation:

1. Admin logs in to a website.
2. Regular user logs in using their credentials within the next few minutes
3. Instead of logging in to their profile, they get access to admin resources. Their username is reflected as admin and they have access to all the features.

Why is this happening and how to stop it?

That's not the first time it happens and I am really concerned about it. I am using optimizepress plugin for creating custom login page. Don't know if it may be related to the problem