Cyber Patrol: WordPress Security Alert

Be advised, if you use WordPress, like 30% of the ENTIRE internet, then you will want to know about a weakness within the app they provide for website admins to manage many sites from one application linked through their Jetpack program. In WordPress words:

Hello,
We’re reaching out to let you know we recently uncovered an issue with the WordPress iOS application with how it handles security credentials. We haven’t seen any suspicious or malicious activity on your account, but we’ve disconnected your app from your account as a precaution.


The issue created the potential of exposing security credentials to third-party websites, and only affected private websites with images hosted externally (e.g., with a service like Flickr) that were viewed or composed with the app. We’ve fixed the issue and released an updated version of the app to the App Store. The potential exposure was of security tokens that the app uses to communicate/authenticate with WordPress.com. (No usernames or passwords were compromised here.)


We went ahead and disconnected your account from your app to remove the existing security credentials, preventing any possible misuse of the security credentials, until you update to the new, more secure version of the app.


To start using the app again, make sure you’ve updated WordPress iOS to 11.9.1 or greater. You can check for updates in the App Store on your device and tap the “more” button to see the release notes, which list the version number. Once you’ve updated, launch the app. You may notice errors about not being authorized and data will not load, or be prompted to log in. If you’re not prompted to log in, visit the Me tab and tap Log Out, then sign back in. You’re all set!


The WordPress.com Team

As a word to the the wise, make sure your WordPress app is secure. 8f you experience trouble logging in, or connectivity problems, reach out to WordPress before sensitive data is compromised!

Comms


Members

Who’s Online

There are no users currently online
Subscribe
%d bloggers like this: