News Room

News from Wintercorn about Joomla!, WordPress and other tech subjects

Moonpig security hole still unpatched after 17 months

Unhappy PigMoonpig, the online personalised card company, has been accused of a shockingly sloppy attitude to security, after apparently leaving a serious hole in its security unpatched.  
 
The vulnerability, which was said to have been first reported to Moonpig back in August 2013 (yes, 2013) allows anyone with a modicum of programming knowledge to access the names, dates of birth, email and home addresses of the company’s 3.6 million customers.  
 
All that it takes is to change the Customer ID number sent in an API request. No authentication is required.
Read the full story at welivesecurity
Print   Email

About Us

Wintercorn are Joomla! and WordPress specialists based in Norwich but with clients across the U.K., Europe, Middle East, Australia and the United States.

We build, manage and support mission-critical Joomla! and WordPress sites for professional organisations around the globe who care about their brand.

It's all we do, every day. 

Joomla!WordPress

Contact Us