via pluginvulnerabilities.com => original post link
Last November GoDaddy, which heavily markets themselves to the WordPress community, disclosed a massive breach of the data on customers using the managed WordPress hosting service. A stunning element of that was that they were still storing customers’ passwords in non-hashed form, despite that being a big security no-no for easily over a decade. If they hadn’t been improperly storing those passwords, the damage from the breach would have been more limited. It turns out that another web host marketing itself to the WordPress community is still doing that now.
Cloudways is heavily marketing themselves in the WordPress community. That includes through Post Status (alongside to GoDaddy entities, GoDaddy Pro and Pagely): [Read more]