Make WordPress Core

Opened 6 years ago

Closed 6 years ago

#7790 closed defect (bug) (fixed)

Log out actions should be protected against CSRF

Reported by: markjaquith
Owned by: markjaquith
Milestone: 2.7
Priority: normal
Severity: normal
Version: 2.7
Component: Security
Keywords:
Focuses:
Cc:

Description

Anyone can log you out of any WordPress install using CSRF (i.e. pointing you to the /wp-login.php?action=logout for that blog). This can aid in phishing attempts, and can have unforeseen security ramifications.

Log out actions should have their intention validated via nonce with fallback to AYS.

Attachments (3)

7790.001.diff (7.4 KB) - added by markjaquith 6 years ago.
7790.002.diff (7.9 KB) - added by markjaquith 6 years ago.
7790.003.diff (8.2 KB) - added by ionfish 6 years ago.

Change History (7)

markjaquith 6 years ago

markjaquith 6 years ago

comment:1 markjaquith 6 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

7790.002.diff introduces the wp_logout_url() and wp_login_url() functions to make themes simpler.

comment:2 ionfish 6 years ago

Adding a redirect parameter to those functions would be useful.
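The following is an added illustration of the pattern the ticket describes (nonce-validated logout with an "are you sure" fallback, plus a theme-facing logout URL helper with the redirect parameter suggested in comment:2). It is not the ticket's patch or WordPress code: it is a stand-alone PHP script, and the helper names (create_nonce, verify_nonce, safe_redirect, logout_url, handle_logout), the window length and the sample values are assumptions. Only the parameter and action names (_wpnonce, redirect_to, 'log-out') mirror WordPress conventions.

```php
<?php
declare(strict_types=1);

// Added example, not WordPress code: the nonce-plus-AYS logout pattern from the
// ticket, implemented stand-alone so it runs from the CLI. Helper names and the
// window length are assumptions; _wpnonce, redirect_to and 'log-out' mirror
// WordPress naming.

const NONCE_WINDOW = 12 * 3600; // seconds per nonce validity window (assumed)

// Nonce = HMAC over (time window, action, session id) keyed with a server secret.
// Binding to the session id means a link copied from one user's page is useless
// for another user; the time window bounds how long any nonce can be replayed.
function create_nonce(string $action, string $sessionId, string $secret, int $now): string
{
    $tick = intdiv($now, NONCE_WINDOW);
    return substr(hash_hmac('sha256', "$tick|$action|$sessionId", $secret), 0, 16);
}

// Accept the current window and the previous one (so a page left open for a
// while still works) and compare in constant time.
function verify_nonce(string $nonce, string $action, string $sessionId, string $secret, int $now): bool
{
    $tick = intdiv($now, NONCE_WINDOW);
    foreach ([$tick, $tick - 1] as $t) {
        $expected = substr(hash_hmac('sha256', "$t|$action|$sessionId", $secret), 0, 16);
        if (hash_equals($expected, $nonce)) {
            return true;
        }
    }
    return false;
}

// Only same-site relative paths are accepted as the post-logout destination, so
// the redirect parameter cannot be turned into an open redirect.
function safe_redirect(string $redirect): string
{
    return (preg_match('#^/(?![/\\\\])#', $redirect) === 1) ? $redirect : '/';
}

// Theme-facing helper: a logout link that already carries its nonce, with an
// optional redirect target. Themes never build the URL by hand.
function logout_url(string $base, string $sessionId, string $secret, int $now, string $redirect = ''): string
{
    $params = ['action' => 'logout', '_wpnonce' => create_nonce('log-out', $sessionId, $secret, $now)];
    if ($redirect !== '') {
        $params['redirect_to'] = safe_redirect($redirect);
    }
    return $base . '?' . http_build_query($params);
}

// Server side of ?action=logout. A valid nonce logs the user out; anything else
// (a cross-site link without a nonce, a stale nonce) gets an "are you sure"
// page whose confirm button carries a fresh nonce. A link a third party points
// the user at therefore never ends the session by itself.
function handle_logout(array $query, string $sessionId, string $secret, int $now): array
{
    if (($query['action'] ?? '') !== 'logout') {
        return ['outcome' => 'ignored'];
    }
    $nonce    = (string) ($query['_wpnonce'] ?? '');
    $redirect = safe_redirect((string) ($query['redirect_to'] ?? '/'));
    if ($nonce !== '' && verify_nonce($nonce, 'log-out', $sessionId, $secret, $now)) {
        return ['outcome' => 'logged_out', 'redirect' => $redirect];
    }
    return [
        'outcome'     => 'confirm',
        'message'     => 'You are attempting to log out. Do you really want to log out?',
        'confirm_url' => logout_url('/wp-login.php', $sessionId, $secret, $now, $redirect),
    ];
}

// Demonstration with constructed values: a bare cross-site link, a link built by
// logout_url(), and a nonce from three windows ago.
$secret    = 'server-side-secret-rotated-on-deploy';
$sessionId = 'sess-1234';
$now       = time();

$crossSite = ['action' => 'logout'];
$legit     = [];
parse_str(parse_url(logout_url('/wp-login.php', $sessionId, $secret, $now, '/wp-admin/'), PHP_URL_QUERY), $legit);
$stale     = ['action' => 'logout', '_wpnonce' => create_nonce('log-out', $sessionId, $secret, $now - 3 * NONCE_WINDOW)];

foreach (['cross-site' => $crossSite, 'legit' => $legit, 'stale' => $stale] as $label => $q) {
    $r = handle_logout($q, $sessionId, $secret, $now);
    printf("%-10s -> %s%s\n", $label, $r['outcome'], isset($r['redirect']) ? " (to {$r['redirect']})" : '');
}
```

Run with `php logout_nonce.php`: only the link produced by logout_url() logs the user out; the bare and stale links fall through to the confirmation outcome. The confirmation page is what closes the gap between "nonce missing" and "deny": a user who genuinely followed an un-nonced link can still log out with one extra click, while a page the user merely visited cannot.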

ionfish 6 years ago

comment:3 westi 6 years ago

This looks like a really neat idea.

comment:4 westi 6 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [9025]) Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.