CVE-2016-10986

The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumerkey, consumersecret, accesstoken, and accesstokensecret...

X (Formerly Twitter): [Urgent] Invalidating OAuth2 Bearer token makes TweetDeck unavailable

First of all, really sorry for the unintentional DoS : I was testing it with a fresh bearer token but copied the production one accidentally. Details I've noticed that TweetDeck is using OAuth2 to issue requests Authorization Bearer token: http GET...