The vulnerability allowed unauthorized disclosure of private email addresses of WakaTime users through the private leaderboards feature. The email addresses were exposed to leaderboard creators and me ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
The WakaTime OAuth authorization flow was vulnerable to a double-clickjacking attack. The attack allowed an attacker to trick users into unknowingly clicking the "Connect my WakaTime account& ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
Vulnerability description not...Read More ...
Continue Reading
September 14, 2025
Back to Main
