CVE-2012-5868 Information
Share on:
Feb 14, 2021
cve
Description
WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator’s logout action which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack or modify data via a replay attack.