[Plugin: Lifestream] Insecure Logging Disable Logs Logs Access
-
Is there a possibility to disable logging? Why do I ask.
BEcause the logging is very unsecure. When an error occurs for example in fetching a twitterfeed from my userstatus in the error logs the username and plaintext password is visible in the error. Not aproblem if it is only visible to me.
BUT, when another user logs in (a subscriber or author) the lifestream errors are visible. And my twitter username AND PASSWORD is visible to everyone…
VERY UNSECURE!
Asking to be hacked I would say.
Is there a solution to this?
- The topic ‘[Plugin: Lifestream] Insecure Logging Disable Logs Logs Access’ is closed to new replies.
