WordPress AIOS plugin used by 1M sites logged plaintext passwords

July 14, 2023, 3:55 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting account security at risk. [...]

account account security database logging login login attempts passwords plaintext plugin risk security wordpress wordpress security

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Android bug can leak DNS traffic with VPN kill switch enabled 3 hours ago | www.bleepingcomputer.com

android android devices block bug +15

NSA warns of North Korean hackers exploiting weak DMARC email policies 5 hours ago | www.bleepingcomputer.com

apt43 attacks authentication dmarc +19

Google rolls back reCaptcha update to fix Firefox issues 7 hours ago | www.bleepingcomputer.com

back bug captcha firefox +11

NATO and EU condemn Russia's cyberattacks against Germany, Czechia 8 hours ago | www.bleepingcomputer.com

apt28 campaign countries cyber +14

Microsoft rolls out passkey auth for personal Microsoft accounts 9 hours ago | www.bleepingcomputer.com

accounts auth authenticate biometric +20

CEO who sold fake Cisco devices to US military gets 6 years in prison 1 day, 2 hours ago | www.bleepingcomputer.com

ceo cisco companies counterfeit +14

Bitwarden launches new MFA Authenticator app for iOS, Android 1 day, 4 hours ago | www.bleepingcomputer.com

android android devices app authenticator +12

CISA urges software devs to weed out path traversal vulnerabilities 1 day, 4 hours ago | www.bleepingcomputer.com

cisa companies fbi path +9

Police shuts down 12 fraud call centres, arrests 21 suspects 1 day, 6 hours ago | www.bleepingcomputer.com

albania arrests bosnia bosnia and herzegovina +17

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority

View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France

View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico

View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States

View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX

View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US

View on infosec-jobs.com

View more jobs

all InfoSec news

WordPress AIOS plugin used by 1M sites logged plaintext passwords

More from www.bleepingcomputer.com / BleepingComputer

Jobs in InfoSec / Cybersecurity

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

Consultant(e) Junior Cybersécurité

Senior Network Security Engineer

Senior Consultant, Payment Intelligence

Corporate Counsel, Compliance

Security Operations Engineer