Make WordPress Core

Opened 9 years ago

Closed 9 years ago

#7790 closed defect (bug) (fixed)

Log out actions should be protected against CSRF

Reported by: markjaquith Owned by: markjaquith
Milestone: 2.7 Priority: normal
Severity: normal Version: 2.7
Component: Security Keywords:
Focuses: Cc:


Anyone can log you out of any WordPress install using CSRF (i.e. pointing you to the /wp-login.php?action=logout for that blog). This can aid in phishing attempts, and can have unforeseen security ramifications.

Log out actions should have their intention validated via nonce with fallback to AYS.

Attachments (3)

7790.001.diff (7.4 KB) - added by markjaquith 9 years ago.
7790.002.diff (7.9 KB) - added by markjaquith 9 years ago.
7790.003.diff (8.2 KB) - added by ionfish 9 years ago.

Download all attachments as: .zip

Change History (7)

9 years ago

9 years ago

#1 @markjaquith
9 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

7790.002.diff introduces the wp_logout_url() and wp_login_url() functions to make themes simpler.

#2 @ionfish
9 years ago

Adding a redirect parameter to those functions would be useful.

9 years ago

#3 @westi
9 years ago

This looks like a really neat idea.

#4 @westi
9 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [9025]) Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.

Note: See TracTickets for help on using tickets.