Kim Kardashian poses for photos to attend the launch clothing line in Sao Paulo, Brazil on March 11, 2015.
Felipe Rau—AP
Kim Kardashian poses for photos to attend the launch clothing line in Sao Paulo, Brazil on March 11, 2015.

The website contains at least 15 security flaws that could be exploited for a variety of attacks

If you’re a Kim Kardashian superfan, you might be super screwed.

Kardashian’s personal website is full of security holes that put visitors at risk of malware and potential identity theft, the Daily Dot has learned.

In early April, security researcher and university student Jamie Woodruff discovered over a dozen security vulnerabilities in Kardashian’s website, KimKardashian.com. Woodruff says he immediately reported the security flaws to the site’s administrator, which he corroborated in an April 10 email shared with the Daily Dot. He says he also tweeted directly to Kardashian and her media-relations representatives. More than a month later, Woodruff has yet to receive a response.

The vulnerabilities Woodruff discovered not only put the integrity of the site at risk, he warns, but ostensibly the personal information of tens of thousands of fans.

“If the fans use the website, they could be at risk of downloading infected software; or worse, their information could be stolen from the database,” Woodruff said. He notes that the user passwords stored by WordPress are probably easy to decrypt, and that all too often people reuse passwords for more crucial purposes, like securing their bank accounts.

Read the rest of the story at the Daily Dot.