Make WordPress Core

Opened 5 years ago

Closed 5 years ago

#49256 closed defect (bug) (invalid)

Sensitive Data Exposure

Reported by: vishal05's profile vishal05 Owned by:
Milestone: Priority: normal
Severity: major Version: 5.3.2
Component: General Keywords:
Focuses: administration Cc:

Description

In wp-login.php we need to hide submitted password while login in wp-admin. Using Firebug we can able to see that plain text in password.

Note : I am using https in my site. You can see the image here : https://i.stack.imgur.com/Qwa90.png

Attachments (1)

Qwa90.png (83.7 KB) - added by vishal05 5 years ago.

Download all attachments as: .zip

Change History (2)

@vishal05
5 years ago

#1 @johnbillion
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

You can see submitted passwords on any website via Firebug. This isn't specific to WordPress.

Note: See TracTickets for help on using tickets.