Wordpress Fail - Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass

Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass – ouch.

tl;dr:

Memo to anyone who logs in to a WordPress.com-hosted blog from a public Wi-Fi connection or other unsecured network: It's trivial for the script kiddie a few tables down to hijack your site even if it's protected by two-factor authentication.

Posted on Wednesday, May 28, 2014 10:39 PM |

Like this? Share it!

No comments posted yet.

Post a comment
Please add 7 and 6 and type the answer here:
Remember me?
Ensure the word in this box says 'orange':