AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plain Text,
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users’ passwords being added to the database in plaintext format.
« A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them, » UpdraftPlus, the maintainers of AIOS,
« A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them, » UpdraftPlus, the maintainers of AIOS,
,
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users’ passwords being added to the database in plaintext format.
« A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them, » UpdraftPlus, the maintainers of AIOS,
« A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them, » UpdraftPlus, the maintainers of AIOS,
, ,
https://thehackernews.com/2023/07/aios-wordpress-plugin-faces-backlash.html