Original password change form was there and that was also asking for old password (Which can’t be bypassed using this form) and the request was made to another endpoint.

There was also another form for editing your profile info which doesn’t require a password. I used this endpoint to bypass the change password.