Posted by Scott Arciszewski on Feb 12

Ticket opened: 2014-06-25
Affected Versions: ALL
Problem: No CSPRNG
Patch available, collecting dust because of negligent (and questionably
competent) WP maintainers

On June 25, 2014 I opened a ticked on WordPress’s issue tracker to expose a
cryptographically secure pseudorandom number generator, since none was
present (although it looks like others have tried to hack together a
band-aid solution to mitigate php_mt_seed until WordPress gets…