Tag: Passwords

AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plaintext
News

AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plaintext

WordPress plugin All-In-One Security (AIOS), which is used on over a million websites, has released a security upgrade as a result of a flaw that occurred in version 5.1.9 of the program and resulted in the addition of user passwords to the database in plaintext. "A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them," UpdraftPlus, the company that looks after AIOS, warned. If those site managers tried out those credentials on other services where your users might have used the same password, that would be a concern. A danger to the impacted website may exist if the logins for those other services are not two-factor authenticated read more AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plaintext. Stay i...