[wp-trac] [WordPress Trac] #38474: wp_signups.activation_key stores activation keys in plain text
WordPress Trac
noreply at wordpress.org
Mon Mar 31 07:27:08 UTC 2025
#38474: wp_signups.activation_key stores activation keys in plain text
-------------------------------------+-----------------------------
Reporter: tomdxw | Owner: SergeyBiryukov
Type: enhancement | Status: reviewing
Priority: normal | Milestone: Future Release
Component: Security | Version: 4.6.1
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses: multisite
-------------------------------------+-----------------------------
Comment (by beyernreich):
Replying to [comment:20 Morno]:
> when will this be resolved?
I would also be very happy if this security gap were resolved. Otherwise
it will be harder to argue to customers that WordPress can be a secure
platform for web applications.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38474#comment:21>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list