[Plugin: Lifestream] Insecure Logging Disable Logs Logs Access
Is there a possibility to disable logging? Why do I ask.
BEcause the logging is very unsecure. When an error occurs for example in fetching a twitterfeed from my userstatus in the error logs the username and plaintext password is visible in the error. Not aproblem if it is only visible to me.
BUT, when another user logs in (a subscriber or author) the lifestream errors are visible. And my twitter username AND PASSWORD is visible to everyone…
Asking to be hacked I would say.
Is there a solution to this?
- The topic ‘[Plugin: Lifestream] Insecure Logging Disable Logs Logs Access’ is closed to new replies.