Click For Photo: https://techcrunch.com/wp-content/uploads/2019/01/GettyImages-868706106.jpg?w=602
A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise.
The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter handle and the access tokens. These access tokens keep you logged in to the website on your phone and your computer without having to re-type your password every time or entering your two-factor authentication code.
Sites - Token - Account - Owner - Hacker
But if stolen, most sites can’t differentiate between a token used by the account owner, or a hacker who stole the token.
Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, found the vulnerability and shared details with TechCrunch.
Order - Bug - Robert - Websites - Code
In order to test the bug, Robert found 539 websites using the vulnerable code by searching PublicWWW, a website source code search engine. He then wrote a proof-of-concept script that scraped the publicly available code from the affected websites, collecting access tokens on more than than 400 linked Twitter accounts.
Using the obtained access tokens, Robert tested their permissions by directing those accounts to ‘favorite’ a tweet of his choosing over a hundred times. This confirmed that the exposed account keys had...
Wake Up To Breaking News!