WordPress Security Plugin Caught Logging Plaintext Passwords

WordPress Security Plugin Caught Logging Plaintext Passwords

According to several reports, the All-In-One Security (AIOS) WordPress plugin has been logging plaintext passwords from user login attempts. The plugin, which is currently installed on more than one million Wordpress sites, was originally designed to prevent cyberattacks. Understandably, AIOS is now under heavy scrutiny for what many users call an unjustifiable breach of privacy, especially for a plugin that prides itself on security.

Robert Reeve

Posted July 17, 2023

Posted Jul 17, 2023

Users identified the AIOS issue almost two weeks ago. Many began to complain about the problem on the plugin’s forums. In brief, the issue allowed any user with admin rights to access the login credentials of all other administrator users. Understandably, this has led to outrage among the AIOS community.

AIOS claims that the password-logging problem was the result of a bug. In response, the development team released an update, version 5.2.0, to address the issue and remove all logged passwords from their database. Although this change seems to have rectified the core problem, AIOS aren’t out of the woods yet. Many users report that version 5.2.0 is causing their websites to break. In addition, WordPress statistics show us that hundreds of thousands of users are still using the vulnerable, outdated version of the plugin. Evidently, AIOS still has a long way to go to fully rectify their mistake.

The biggest question mark surrounding this whole situation is why AIOS is yet to step forward and recommend that all users change their passwords, especially if they utilize the same password for multiple sites. All in all, this is a worrying time for AIOS. Whether their reputation will recover from this event remains to be seen.

Robert Reeve

Robert Reeve

Robert is an experienced marketing professional with extensive experience working with brands to refine go-to-market plans, SEO campaigns, and content marketing strategies. A committed writer with a keen eye on the latest developments, Robert specialises in producing content across all things tech and marketing.

Read Next

The 10 Best Logos of 2023 – Ranked

The 10 Best Logos of 2023 – Ranked

We’ve witnessed a plethora of exciting logo designs in 2023. Some have been absolutely awful (we’ll miss you, Twitter). Others have been incredible and a much-needed breath of fresh air…

Shelley Cooke December 22, 2023 Dec 22, 2023
Weekly Design News #2

Weekly Design News #2

7 Important Visual Hierarchy Design Principles 2023 This article discusses the most important visual hierarchy design principles that new designers need to follow if they want their app interfaces or…

Louise North September 24, 2023 Sep 24, 2023
Weekly Design News #1

Weekly Design News #1

Every Sunday we’re rounding up the best of the previous week’s stories from webdesignernews.com, and in this issue #1, we picked typography trends, creating a parallax slider with Anime.js, and…

Louise North September 16, 2023 Sep 16, 2023
S U B S C R I B E N O W

Join to our thriving community of like-minded creatives!