Re: The OAuth2 Complete plugin for WordPress uses a pseudorandom number generator which is non-cryptographically secure (WordPress plugin)

August 17, 2015 007admin Leave a comment

Posted by dxw Security on Aug 18

HI Scott

Yes, this does indeed only affect older versions of PHP – I’m sorry if that wasn’t clear in our advisory. Check the
“mitigations” section: “ensure that you are using a recent version of php (at least 5.3)”

Sadly over 13% of WordPress sites are still using PHP 5.2 according to their stats: https://wordpress.org/about/stats/
<https://wordpress.org/about/stats/>

Regards

Duncan

—
Duncan Stuart (@dgmstuart)…

007 Software

Re: The OAuth2 Complete plugin for WordPress uses a pseudorandom number generator which is non-cryptographically secure (WordPress plugin)

Leave a Reply Cancel reply

Software and Security Information