Password failure in Wordpress Plugin
One of the great features of Wordpress is the wide variety of plugins available. They often enable a lot of interesting functionality and integrations to other services not native to Wordpress itself. Most of these plugins are developed by individuals or small teams independent of the core community - and often not with a keen interest in security, but an exclusive focus on “making stuff work”.
I’ve been using the Wordpress “Google AdSense Dashboard” for awhile, and after the recent host of password leaks, I’ve been changing and upgrading password all around.