AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plain Text

All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users' passwords being added to the database in plaintext format. "A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them," UpdraftPlus, the maintainers of AIOS, 

Posted from: Click here for the full article.

留言

此網誌的熱門文章

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation