[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information
WordPress Trac
noreply at wordpress.org
Fri May 11 15:35:12 UTC 2018
#14682: Privacy leakage: gravatars leak identity information
--------------------------+-----------------------
Reporter: jmdh | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: Comments | Version: 3.0
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+-----------------------
Changes (by chrisherbert):
* status: closed => reopened
* resolution: wontfix =>
Comment:
I think this issue deserves much more serious attention, especially now
that Gravatars are easily accessible in the /users and /comments REST
endpoints. I've created a tool that illustrates just how easy it is to
de-anonymize (some) email addresses using Gravatars:
[http://wordpressexpose.chrisgherbert.com].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/14682#comment:35>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list