The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.