#49068 closed defect (bug) (duplicate)
wp-login.php is available to a user after authentication
Reported by: | henry.wright | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Login and Registration | Keywords: | |
Focuses: | Cc: |
Description
A user can continue to access wp-login.php after they are authenticated if they visit example.com/wp-login.php.
Unless there is a reason why wp-login.php should be accessible if a user has already authenticated I propose we restrict access to stop a form being shown to them if they visit the page directly.
Change History (3)
Note: See
TracTickets for help on using
tickets.
Duplicate of #41533.