If you own a Western Digital MyCloud device, you really should read this. The company is aware of the issue and is working on a fix.
I quickly found the first bug that shocked me, this bug was based on code that performed a user login check but did so using cookies or PHP session variables. Using cookies for authentication isn’t necessarily a bad thing, but the way that the Western Digital MyCloud interface uses them is the problem.