Tinder does not encrypt the photos you swipe on, which means a potential hacker who shares the same Wi-Fi network as you could see who you are swiping on.
Researchers at Checkmarx said they discovered the vulnerability in the Android and iOS versions of the Tinder app.
The researchers then built an application called TinderDrift to demonstrate how the exploit could be used.
The report noted that Tinder does encrypt messages and its swipe commands, but, “like”, “dislike”, and “super like” each have a specific signature.
This means TinderDrift can see which profiles you were interested in.
An attacker can also change the images you see, swapping them with inappropriate or malicious content.