WordPress.org

Make WordPress Core

Opened 6 weeks ago

Last modified 5 weeks ago

#49258 new defect (bug)

Improper Session Termination

Reported by: vishal05 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.1.1
Component: Users Keywords:
Focuses: administration Cc:

Description

After Logout into wordpress back-end when we press “Back” button of the browser an authenticated page got displayed without entering any valid credentials.

Change History (2)

#1 @SergeyBiryukov
6 weeks ago

  • Component changed from General to Users

#2 @ayeshrajans
5 weeks ago

Shameless self-plug to a plugin I have put together that helps mitigate this with Clear-Site-Data HTTP header: https://wordpress.org/plugins/clear-logout/

Note: See TracTickets for help on using tickets.