Geeks for your information News Privacy & Security News v
WordPress iOS app leaked authentication tokens
WordPress iOS app leaked authentication tokens
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
03 April 19, 12:10 (This post was last modified: 03 April 19, 12:11 by silversurfer.)
Quote:Automattic, the company behind the WordPress.com blogging platform, said it fixed a bug in its official iOS application that might have exposed users' account authentication tokens to third-party websites.
 
"The issue created the potential of exposing security credentials to third-party websites, and only affected private websites with images hosted externally (e.g., with a service like Flickr) that are viewed or composed with the app," the company said in an email it sent to its users this week.
 
"We've fixed the issue and released an updated version of the app to the App Store," it said.

Automattic said no usernames and passwords were exposed, but only "security tokens that the app uses to communicate/authenticate with WordPress.com."

SOURCE: https://www.zdnet.com/article/wordpress-...on-tokens/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.6.7 Added the ...Kool — 03:36
AnyDesk 8.0.3 for Linux
Version 8.0.3 for ...harlan4096 — 09:05
Google Chrome 149.0.7827.196/197
Google Chrome 149....harlan4096 — 09:04
System Restore Evolved: Windows 11 Point...
Imagine if a bad d...harlan4096 — 09:01
Avast 26.6.11050 & AVG 26.6.11050
Avast 26.6.11050 :...harlan4096 — 18:11

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (39)Tedscolo
avatar (46)brakasig

[-]
Online Staff
There are no staff members currently online.

>