Lucene search
+L

CVE-2012-5868

🗓️ 27 Dec 2012 11:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 64 Views🌐 WEB

WordPress 3.4.2 does not invalidate session cookie upon logou

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Cvelist
CVE-2012-5868
27 Dec 201211:00
cvelist
Debian CVE
CVE-2012-5868
27 Dec 201211:00
debiancve
EUVD
EUVD-2012-5746
7 Oct 202500:30
euvd
NVD
CVE-2012-5868
27 Dec 201211:47
nvd
OpenVAS
WordPress <= 3.4.2 Multiple Vulnerabilities
8 Dec 202200:00
openvas
OSV
CVE-2012-5868
27 Dec 201211:47
osv
OSV
DEBIAN-CVE-2012-5868
27 Dec 201211:47
osv
OSV
UBUNTU-CVE-2012-5868
27 Dec 201211:47
osv
Patchstack
WordPress <= 3.4.2
14 Nov 201200:00
patchstack
Prion
Design/Logic Flaw
27 Dec 201211:47
prion
Rows per page
NVD
Node
ParameterPositionPathDescriptionCWE
wordpress_secheaderdomainame.com/wp-login.php?action=logoutLogout does not invalidate the wordpress_sec session cookie; an attacker with a valid session cookie can reuse it to access admin resources.CWE-200
wordpress_secheaderdomainname.com/wp-admin/profile.phpAttacker can reuse a valid wordpress_sec cookie to access admin area after logout, enabling privilege access.CWE-200

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2026 23:47Current
6.6Medium risk
Vulners AI Score6.6
CVSS 22.6
EPSS0.02432
64