VERY serious security issue with Gravatar in Brazil

  • Unknown's avatar
    dandrea · Member ·

    Hi,
    Since Gravatar support seems to be closed, I come here to talk about a serious issue with that in Brazil. It’s urgent and I have no time to write all the details now. So, I will be concise:

    Gravatar user photo appears without login (i.e., anyone who fill the required email information when commenting, will have the Gravatar photo published besides the comment!).

    I discovered that when I saw a comment with my Gravatar photo in the website of the famous Brazilian magazine: Veja. So, I made a test and, in fact, just the email (without login).

    I tested it here: http://veja.abril.com.br/blog/augusto-nunes/opiniao-2/dialogo-ou-novas-imposturas-de-fernando-henrique-cardoso/comment-page-16/#comment-2573935

    I don’t know how to tell Gravatar about that, because the support seems to be closed.

  • Unknown's avatar
    colourcottage · Member ·

    I don’t know if this is related (something up with gravatar.com) but I’ve had a lot of waiting time for my blog to load in the last few days and it appears one of the things it’s waiting for is the gravatars, such as loading the likes. It also affects the menu in the top so that I can’t click into the reader, stats or dashboard. Unrelated, it also muddles up the gallery until everything has loaded after, like, 10 minutes I’m guessing. (I go do other stuff every time I wait and do not time it.

    colourcottage.wordpress.com

  • The topic ‘VERY serious security issue with Gravatar in Brazil’ is closed to new replies.