Skip to content

Tag Archives: WordPress

Wordpress Cookie Authentication Vulnerability

Wordpress Cookie Authentication Vulnerability
Original release date: 2007-11-19
Last revised: 2007-11-19
Latest version: http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-auth.txt
CVE ID:

Source: Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/
Systems Affected:
Wordpress 1.5 — 2.3.1 (including current version, as of 2007-11-19)
Overview:
With read-only access to the Wordpress database, it is possible to generate a valid login cookie for any account, without resorting [...]

Posted 07 May 2008 admin § Uncategorized Comments (0) ° Also tagged: , ,