Missing SSL can leak job token
Low
Vulnerability Details
Hello,
Description:
The Web app jobs.wordpress.net transmits sensitive data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack Scenario:
An attacker simply monitors network traffic (like an open wireless network) and steals the user’s session cookie. The attacker then replays this cookie and hijacks the user’s session, accessing the user’s private data.
This could leak the job token, user information and jobs created by users.
Thanks,
Diogo Real
Report Stats
- Report ID: 222036
- State: Closed
- Substate: resolved
- Upvotes: 13
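
A defensive check for the condition the report describes, added here as an example and not part of the original report or of the site's own code: it audits one response's headers for cleartext exposure of a session cookie. The choice of checks (HTTPS redirect, `Secure` cookie attribute, HSTS header) is an assumption about suitable mitigations, and the host name, cookie name and header values are constructed.

```python
# Added example: audit one HTTP response for cleartext exposure of cookies.
# All sample responses below are constructed; jobs.example is a placeholder host.

def cookies_without_secure(set_cookie_values):
    """Return the names of cookies whose Set-Cookie line lacks 'Secure'."""
    insecure = []
    for raw in set_cookie_values:
        parts = [p.strip() for p in raw.split(";")]
        name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in attrs:
            insecure.append(name)
    return insecure

def audit(scheme, status, headers):
    """scheme: 'http' or 'https'; headers: list of (name, value) pairs."""
    def get(name):
        return [v for k, v in headers if k.lower() == name]

    findings = []
    set_cookies = get("set-cookie")
    if scheme == "http":
        location = (get("location") or [""])[0].lower()
        redirected = status in (301, 302, 307, 308) and location.startswith("https://")
        if not redirected:
            findings.append("http response does not redirect to https")
        if set_cookies:
            findings.append("cookie set over cleartext http")
    elif not get("strict-transport-security"):
        # Without HSTS a browser may still make its first request over http.
        findings.append("no HSTS header on https response")
    for name in cookies_without_secure(set_cookies):
        findings.append(f"cookie '{name}' missing Secure attribute")
    return findings

# Constructed responses: the cleartext case and a hardened pair.
CLEARTEXT = ("http", 200, [("Content-Type", "text/html"),
                           ("Set-Cookie", "session=abc123; Path=/; HttpOnly")])
HARDENED_HTTP = ("http", 301, [("Location", "https://jobs.example/")])
HARDENED_HTTPS = ("https", 200, [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly; Secure")])

if __name__ == "__main__":
    for label, resp in [("cleartext", CLEARTEXT), ("hardened http", HARDENED_HTTP),
                        ("hardened https", HARDENED_HTTPS)]:
        print(label, audit(*resp))
```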