Leaked API Key when using SendGrid

  • Resolved mgrebin

    (@mgrebin)


    1 year, 7 months ago

    Hey,

    if you use SendGrid as an E-Mail Provider, the API Key is leaked in the input field if you inspect the site.

    So if an attacker has access to a WordPress Admin Account, he can access the API Key and potentially send E-mails from your Domain via SMTP Relay.

Viewing 1 replies (of 1 total)
  • Plugin Support Victoria Sakal

    (@sakalvictoria)

    1 year, 7 months ago

    Hi, @mgrebin!

    Thanks for getting in touch and providing the feedback.

    Please note that this behavior will be changed in the next release, so there will be no possibility of getting these details when you inspect the website.

    Kind regards.

Viewing 1 replies (of 1 total)

The topic ‘Leaked API Key when using SendGrid’ is closed to new replies.