Make WordPress Core

Opened 10 years ago

Closed 10 years ago

#7790 closed defect (bug) (fixed)

Log out actions should be protected against CSRF

Reported by: markjaquith Owned by: markjaquith
Milestone: 2.7 Priority: normal
Severity: normal Version: 2.7
Component: Security Keywords:
Focuses: Cc:


Anyone can log you out of any WordPress install using CSRF (i.e. pointing you to the /wp-login.php?action=logout for that blog). This can aid in phishing attempts, and can have unforeseen security ramifications.

Log out actions should have their intention validated via nonce with fallback to AYS.

Attachments (3)

7790.001.diff (7.4 KB) - added by markjaquith 10 years ago.
7790.002.diff (7.9 KB) - added by markjaquith 10 years ago.
7790.003.diff (8.2 KB) - added by ionfish 10 years ago.

Download all attachments as: .zip

Change History (7)

#1 @markjaquith
10 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

7790.002.diff introduces the wp_logout_url() and wp_login_url() functions to make themes simpler.

#2 @ionfish
10 years ago

Adding a redirect parameter to those functions would be useful.

10 years ago

#3 @westi
10 years ago

This looks like a really neat idea.

#4 @westi
10 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [9025]) Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.

Note: See TracTickets for help on using tickets.