A staff technologist for the Electronic Frontier Foundation has stumbled across a cookie that WordPress.com uses to transmit login credentials in plain text to the authentication endpoint, leaving sites open to simple hijacking attempts. Yan Zhu posted about the discovery, detailing the information about how the information in the cookie could be used to access another’s site if intercepted….
No responses yet