Ticket #7790 (closed defect (bug): fixed)

Opened 3 years ago

Last modified 3 years ago

Log out actions should be protected against CSRF

Reported by: markjaquith
Owned by: markjaquith
Priority: normal
Milestone: 2.7
Component: Security
Version: 2.7
Severity: normal
Keywords:
Cc:

Description

Anyone can log you out of any WordPress install using CSRF (i.e. pointing you to the /wp-login.php?action=logout for that blog). This can aid in phishing attempts, and can have unforeseen security ramifications.

Log out actions should have their intention validated via nonce with fallback to AYS.
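As an added illustration of the fix the description asks for (not code from the attached diffs or from WordPress core): a logout handler that acts only on a per-user, time-limited nonce and otherwise shows an "are you sure?" (AYS) confirmation instead of logging the user out silently. The server secret, the 12-hour window, the `_wpnonce` parameter name and the `log-out` action string are assumptions of this standalone sketch, and the user id is passed in rather than read from a session.

```php
<?php
// Standalone sketch of nonce-protected logout (added example, not WordPress's
// own wp_logout()/check_admin_referer() implementation).

const NONCE_SECRET = 'replace-with-a-long-random-server-secret'; // assumed placeholder
const NONCE_LIFETIME = 43200; // 12 hours in seconds (assumed window)

// Bind the nonce to the action, the user and a coarse time tick: a link copied
// from another user or from an old page does not validate.
function logout_nonce(string $action, int $userId, int $now): string {
    $tick = intdiv($now, NONCE_LIFETIME);
    return substr(hash_hmac('sha256', "$tick|$action|$userId", NONCE_SECRET), 0, 16);
}

// Accept the current tick or the previous one so a page rendered just before the
// window rolled over still works; compare in constant time.
function verify_logout_nonce(string $nonce, string $action, int $userId, int $now): bool {
    foreach ([0, NONCE_LIFETIME] as $back) {
        if (hash_equals(logout_nonce($action, $userId, $now - $back), $nonce)) {
            return true;
        }
    }
    return false;
}

// The link a theme should emit. A third-party page cannot forge it: it knows
// neither the secret nor the victim's user id.
function logout_url(int $userId, int $now): string {
    $nonce = logout_nonce('log-out', $userId, $now);
    return '/wp-login.php?action=logout&_wpnonce=' . rawurlencode($nonce);
}

// Handler for action=logout. Returns the decision instead of performing it so
// the logic can be exercised without a web server.
function handle_logout(array $query, int $userId, int $now): string {
    if (verify_logout_nonce($query['_wpnonce'] ?? '', 'log-out', $userId, $now)) {
        return 'logout'; // destroy the session, redirect to wp-login.php?loggedout=true
    }
    // Missing or stale nonce (the CSRF case): render an AYS page whose confirm
    // link carries a fresh nonce, so only a deliberate click logs the user out.
    return 'ays:' . logout_url($userId, $now);
}

// Constructed demo: a bare cross-site link gets the AYS page, the theme's own
// link logs out.
$uid = 42; $t = time();
assert(substr(handle_logout([], $uid, $t), 0, 4) === 'ays:');
parse_str((string) parse_url(logout_url($uid, $t), PHP_URL_QUERY), $q);
assert(handle_logout($q, $uid, $t) === 'logout');
```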

Attachments

7790.001.diff (7.4 KB) - added by markjaquith 3 years ago.
7790.002.diff (7.9 KB) - added by markjaquith 3 years ago.
7790.003.diff (8.2 KB) - added by ionfish 3 years ago.

Change History

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

7790.002.diff introduces the wp_logout_url() and wp_login_url() functions to make themes simpler.

Adding a redirect parameter to those functions would be useful.

ionfish 3 years ago

This looks like a really neat idea.

  • Status changed from assigned to closed
  • Resolution set to fixed

(In [9025]) Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.
