Geeks for your information News Privacy & Security News v
WordPress iOS app leaked authentication tokens
WordPress iOS app leaked authentication tokens
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
03 April 19, 12:10 (This post was last modified: 03 April 19, 12:11 by silversurfer.)
Quote:Automattic, the company behind the WordPress.com blogging platform, said it fixed a bug in its official iOS application that might have exposed users' account authentication tokens to third-party websites.
 
"The issue created the potential of exposing security credentials to third-party websites, and only affected private websites with images hosted externally (e.g., with a service like Flickr) that are viewed or composed with the app," the company said in an email it sent to its users this week.
 
"We've fixed the issue and released an updated version of the app to the App Store," it said.

Automattic said no usernames and passwords were exposed, but only "security tokens that the app uses to communicate/authenticate with WordPress.com."

SOURCE: https://www.zdnet.com/article/wordpress-...on-tokens/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Recover Corrupted EDB to PST
Safely recover your ...Jyoti_baghel — 05:25
GFYI [Official] AirVPN 2025 Christmas / ...
  We at Geeks For Y...jasonX — 20:47
GFYI [Official] Macrium Reflect X Home E...
  We at Geeks For ...jasonX — 20:39
GFYI [Official] Hasleo Backup Suite Vers...
  We at Geeks For ...jasonX — 20:32
GFYI [Official] XYplorer Pro 2025 Christ...
      We at Geeks F...jasonX — 20:23

[-]
Birthdays
Today's Birthdays
avatar (41)Enlargedterrestrial20
Upcoming Birthdays
avatar (43)ivyhuv

[-]
Online Staff
zevish's profile zevish

>