网络隐私工具 Pi-hole 的捐赠者名单被泄露

泄露数据包含捐赠者姓名和电子邮件地址, 泄露原因是该团队用于处理捐赠的 WordPress 第三方插件 GiveWP 出现安全漏洞, 直接将捐赠者名单输出在了网站源代码中.

[RESOLVED] GiveWP plugin is exposing donors name and email addresses directly in the source code · Issue #8042 · impress-org/givewp

● Have I Been Pwned: Pi-hole Data Breach
● Pi-hole Blog: Compromised Donor Emails: A post-mortem – Pi-hole

#News

via Fediverse@cxplay (author: @cxplay@sir.social)