Security Issue: readers clicking through feedburner end up logged in as author!
-
I have had half-a-dozen readers contact me that when they click on the link from their email to see the latest blog post, the post shows them logged in as me. How can this happen? I have checked all of my readers priveleges and none of them have any authorship or admin rights. I can not see an obvious way to take the blog offline while I resolve. Please help.
Paul
The blog I need help with is: (visible only to logged in users)
-
OK – figured out how to “de-activate” by setting global privacy to invitees only; so blog is essentially offline as I have no invitees and only subsctibers. Question still remains as to how my readers could click on the link to view my blog and end up logged in as me with full acces rights to my blog including ability to delete it…
-
This is something you’ll need to ask over at the feed burner forums
because they know how their software works better. http://groups.google.com/group/feedburner -
w-o-w-!
Could you inform me when you’ve found a solution? Either in this topic or with a comment on my blog.
Thanks.– Lora
-
I just went to your blog and got the link to your feed.
In a browser that never ever logs into wordpress.com I used that link and your posts are normal.There is NO known security issue.
If you believe there is please send every possible detail to Support. Please do not post here. Use the link at the bottom.
-
Each one of the readers that reported this issue were individuals that I had shown my blog to – in person at their homes. My credentials must have been cached in their browser…i have had no repeat issue and each individual logged out and was not able to re-produce. Sorry for the alarm, but it seemed pretty real until I pieced it together…Paul.
- The topic ‘Security Issue: readers clicking through feedburner end up logged in as author!’ is closed to new replies.
WordPress.com Forums 