The MalCare team released an article challenging the notion that session cookie hijacking is responsible for 60% of WordPress website hacks.
Anit Khandewal @ malcare.com• 1 month ago
Calvin Alkan @ twitter.com• 8 months ago
Security issue – MalCare, BlogVault, and WPRemote apparently store some credentials unencrypted in the database which isn’t a best practice. Reported to them about 3 months ago by Calvin Alkan. Apparently WP Umbrella had a similar issue that was fixed in a day or two.