Author Topic: All-In-One Security plugin exposes admin passwords  (Read 1708 times)

ergophobe

  • Inner Core
  • Hero Member
  • *
  • Posts: 9325
    • View Profile
All-In-One Security plugin exposes admin passwords
« on: July 12, 2023, 09:50:58 PM »
https://wordpress.org/support/topic/cleartext-passwords-written-to-aiowps_audit_log/

Passwords stored in plain text. According to the bug reporter, and not disputed by the plugin developer, "This is a HUGE issue. Anyone, like a contractor, has access to the username and passwords of all other site admins."