CVE-2014-0166

2014-04-10T00:55:00
ID CVE-2014-0166
Type cve
Reporter cve@mitre.org
Modified 2017-12-16T02:29:00

Description

The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.