Geeks for your information News Privacy & Security News v
WordPress iOS app leaked authentication tokens
WordPress iOS app leaked authentication tokens
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
03 April 19, 12:10 (This post was last modified: 03 April 19, 12:11 by silversurfer.)
Quote:Automattic, the company behind the WordPress.com blogging platform, said it fixed a bug in its official iOS application that might have exposed users' account authentication tokens to third-party websites.
 
"The issue created the potential of exposing security credentials to third-party websites, and only affected private websites with images hosted externally (e.g., with a service like Flickr) that are viewed or composed with the app," the company said in an email it sent to its users this week.
 
"We've fixed the issue and released an updated version of the app to the App Store," it said.

Automattic said no usernames and passwords were exposed, but only "security tokens that the app uses to communicate/authenticate with WordPress.com."

SOURCE: https://www.zdnet.com/article/wordpress-...on-tokens/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 19.3.5 / 19.3.6 Update
Changes in 19.3.6:...harlan4096 — 11:55
AVG 25.12.10659
AVG 25.12.10659: ...harlan4096 — 11:54
Avast 25.12.10659
Avast 25.12.10659:...harlan4096 — 11:53
Microsoft Edge 143.0.3650.80
Version 143.0.3650...harlan4096 — 11:52
Audacity 3.7.7
Audacity 3.7.7 ...harlan4096 — 11:50

[-]
Birthdays
Today's Birthdays
avatar (41)Enlargedterrestrial20
Upcoming Birthdays
avatar (43)ivyhuv

[-]
Online Staff
There are no staff members currently online.

>