Internet Security

A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter…

Published 7 years ago in
A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts


A popular WordPressplugin, installed on thousands of websites to help users share content on social media sites, left linked Twitteraccounts exposed to compromise.

The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter handle and the access tokens. These access tokens keep you logged in to the website on your phone and your computer without having to re-type your password every time or entering your two-factor authentication code.

But if stolen, most sites can’t differentiate between a token used by the account owner or a hacker who stole the token.

Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, found the vulnerability and shared details with TechCrunch. He later tweeted details of the bug on Thursday.

In order to test the bug, Robert found 539

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet Security

The new scam that could target anyone scrolling social media

Cybersecurity experts are warning Australia’s impending social media ban could lead to a rise in a new type of scam — with devastating consequences…

Published 5 days ago in
The new scam that could target anyone scrolling social media

Cybersecurity experts are warning Australia’s impending social media ban could lead to a rise in a new type of scam — with devastating consequences…
Read More

Continue Reading
Internet Security

Chinese Ministry of National Security Warns of Risks Associated With Biometric Recognition Technology

The Chinese Ministry of National Security has issued a warning regarding the potential risks associated with biometric recognition technology, highlighting concerns over data security and privacy. The ministry emphasized that while biometric systems, such as facial recognition, iris scanning, and fingerprint scanning, offer convenience in daily life…

Published 6 days ago in
Chinese Ministry of National Security Warns of Risks Associated With Biometric Recognition Technology

The Chinese Ministry of National Security has issued a warning regarding the potential risks associated with biometric recognition technology, highlighting concerns over data security and privacy. The ministry emphasized that while biometric systems, such as facial recognition, iris scanning, and fingerprint scanning, offer convenience in daily life…
Read More

Continue Reading
Internet Security

Kristi Noem’s DHS adds blasphemy to its list of offenses

Twice in the past month, the Department of Homeland Security has posted Bible-themed propaganda on its social media accounts to defend its deportation agenda…

Published 7 days ago in
Kristi Noem’s DHS adds blasphemy to its list of offenses

Twice in the past month, the Department of Homeland Security has posted Bible-themed propaganda on its social media accounts to defend its deportation agenda…
Read More

Continue Reading
Internet Security

Home Office to crack down on promoting small boat crossings online

Anyone who advertises small boat Channel crossings or fake passports on social media could face up to five years in prison under new plans. Ministers are seeking to create a new offence under the Border Security, Asylum and Immigration Bill already going through Parliament, to widen its scope to tackle illegal entry to the UK…

Published 1 week ago in
Home Office to crack down on promoting small boat crossings online

Anyone who advertises small boat Channel crossings or fake passports on social media could face up to five years in prison under new plans. Ministers are seeking to create a new offence under the Border Security, Asylum and Immigration Bill already going through Parliament, to widen its scope to tackle illegal entry to the UK…
Read More

Continue Reading