https://techcrunch.com/2019/04/02/wordpress-bug-account-tokens/

WordPress said it’s fixed a bug in its iOS app that inadvertently exposed account tokens to third-party sites.

In an email to customers seen by TechCrunch, the content management giant said it “uncovered an issue with the WordPress iOS application with how it handles security credentials.” The company has disconnected affected accounts from the app “as a precaution.”