CVE-2023-44142 WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Inactive Logout: from n/a through <= 3.2.2...
WordPress plugin Inactive Logout security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... A security vulnerability...
CVE-2023-25454 WordPress Protected Posts Logout Button plugin <= 1.4.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Protected Posts Logout Button: from n/a through 1.4.5...
CVE-2023-25454
CVE-2023-25454 maps to the WordPress Protected Posts Logout Button plugin vulnerability (
CVE-2023-0657
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions...
CVE-2023-0657 Keycloak: impersonation via logout token exchange
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions...
CVE-2024-52311
Authentication tokens issued via Cognito in data.all are not invalidated on logout, allowing a previously authenticated user to continue executing authorized API requests until the token expires...
CVE-2024-52311 data.all does not invalidate authentication token upon user logout
Authentication tokens issued via Cognito in data.all are not invalidated on logout, allowing a previously authenticated user to continue executing authorized API requests until the token expires...
data.all security vulnerability
data.all is an open source development framework from data-dot-all open source. A security vulnerability exists in data.all that stems from the fact that authentication tokens issued via Cognito in data.all do not expire upon logout, allowing previously authenticated users to continue to perform...
PT-2024-35171 · Amazon · Amazon Cognito
Name of the Vulnerable Software and Affected Versions: Amazon Cognito (affected versions not specified). Description: The issue allows previously authenticated users to continue executing authorized API requests until their authentication token expires, even after logging out. This is because...
Session Fixation
Umbraco is vulnerable to Session Fixation. The vulnerability is due to a session timeout discrepancy where the Backoffice logout page displays a session timeout message before the server session expires, leading users to believe they are logged out about 30 seconds early. It allows an attacker to...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net/mlx5 module failing to properly log out of the notifier when eswitch initialization fails, which cou...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition during the handling of smb2 session logout and setup, which could lead to memory reuse afte...
Doppler: Availability Impact from Exploiting Project Name Vulnerabilities
The vulnerability allowed a user to change the project name to a malicious string, which resulted in other users being logged out of their accounts when they attempted to access the project. This led to a denial of service for all users attempting to interact with the affected project, severely...
GHSA-FP6Q-GCCW-7QQM Umbraco CMS logout page displayed before session expiration
Impact The Backoffice displays the logout page with a session timeout message before the server session has fully expired, causing users to believe they have been logged out approximately 30 seconds before they actually are...
Umbraco CMS logout page displayed before session expiration
Impact The Backoffice displays the logout page with a session timeout message before the server session has fully expired, causing users to believe they have been logged out approximately 30 seconds before they actually are...
Umbraco CMS authorization issue vulnerability
Umbraco CMS is a content management system from Umbraco, Denmark. An authorization issue vulnerability exists in Umbraco CMS that stems from a server session not being fully terminated during an explicit logout...