Security Advisory

CVE-2014-0166

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-09 23:00:00

Last updated 2024-08-06 09:05:39

Assigner redhat

State PUBLISHED

Description

The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.

← Browse all CVEs View on cve.org ↗