The vulnerability in WordPress became the reason of a data leakage of users of mail of Yahoo!
Swindlers got access to sessional cookies-files of users of the Yahoo! service.
Experts from BitDefender found that compromised user account email service Yahoo! occurred because the gaps that existed in WordPress.
Note that the hole was fixed in April 2012. On the domain of developers Yahoo! developer.yahoo.com was posted blog WordPress, administrators have not updated it in a timely manner. Thus, after his compromise hackers could gain access to all the session cookies-file for the domain yahoo . com .
Using the hole in WordPress, attackers could send all session cookies-files to their fake sites and take control of the accounts Yahoo!.
Currently, representatives of service to eliminate the consequences be compromised, and the vulnerability of the blog WordPress.
While hackers and did not get passwords, they can read and send emails were victims. In particular, they can determine which services are “tied” e-mail account by, for example, social networks. This information could provide the ability to query and change the password, so as to crack the user profiles on the resource side.