
Admin Login As Different User
Massive security hole in wp-userlogin.php? (4 posts)

  1. ciantic
    Member
    Posted 2 years ago

    Hi!

    Check out the contents of wp-userlogin.php, it does not check the current user's credentials anywhere. I mean it should include in the beginning something like:

    if (!current_user_can("administrator"))
        return;

    I haven't used the plugin yet, but couldn't an attacker simply POST user_name to wp-userlogin.php and log in as anyone they like?

    To fix it see this: http://codex.wordpress.org/Function_Reference/current_user_can

    http://wordpress.org/extend/plugins/admin-login-as-different-user/

  2. Brad Touesnard
    Member
    Posted 1 year ago

    Agreed, I see the security hole as well. This plugin is unsafe in its current form: version 1.0. A novice attacker could easily construct an HTTP POST request that would give them access to the 'admin' user account.
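Both posts above describe the same flaw: an endpoint that accepts a POSTed user_name and issues a login cookie without checking who is asking. The following is an added, constructed PHP example, not the plugin's own code (the thread does not show wp-userlogin.php's contents), of that pattern next to a hardened handler. The admin_init hook, the nonce action name switch_to_user, and the choice of the manage_options and edit_user capabilities are assumptions.

```php
<?php
/*
 * Constructed example (not the plugin's code). A "log in as another user"
 * handler in the shape the thread describes, and a hardened version.
 */

// VULNERABLE PATTERN: whoever can reach the endpoint becomes any user.
// A single unauthenticated request such as
//   POST ... user_name=admin
// is enough, because nothing here asks who the caller is.
function insecure_switch_user() {
    if ( empty( $_POST['user_name'] ) ) {
        return;
    }
    $login = sanitize_user( wp_unslash( $_POST['user_name'] ) );
    $user  = get_user_by( 'login', $login );
    if ( $user ) {
        wp_set_auth_cookie( $user->ID ); // no capability check, no nonce
        wp_safe_redirect( admin_url() );
        exit;
    }
}

// HARDENED PATTERN: the caller must already be a privileged, logged-in user,
// the request must carry a valid nonce (CSRF), and the caller must be allowed
// to act on the target account.
function secure_switch_user() {
    if ( empty( $_POST['user_name'] ) ) {
        return;
    }

    // 1. Capability check. Check a capability rather than a role name:
    //    current_user_can( 'administrator' ) works but is discouraged;
    //    'manage_options' is an assumption for "site administrator".
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to do this.', 403 );
    }

    // 2. Nonce check, so a logged-in admin cannot be driven into switching
    //    by a forged cross-site POST. Action name is an assumption.
    $nonce = isset( $_POST['_wpnonce'] ) ? wp_unslash( $_POST['_wpnonce'] ) : '';
    if ( ! wp_verify_nonce( $nonce, 'switch_to_user' ) ) {
        wp_die( 'Invalid request.', 403 );
    }

    // 3. Resolve the target strictly (strict sanitising strips odd characters).
    $login = sanitize_user( wp_unslash( $_POST['user_name'] ), true );
    $user  = get_user_by( 'login', $login );
    if ( ! $user ) {
        wp_die( 'No such user.', 404 );
    }

    // 4. Only switch to accounts the caller may edit; this stops a lower
    //    privileged caller from escalating into an account above them.
    if ( ! current_user_can( 'edit_user', $user->ID ) ) {
        wp_die( 'You are not allowed to switch to that user.', 403 );
    }

    wp_set_auth_cookie( $user->ID );
    wp_safe_redirect( admin_url() );
    exit;
}
add_action( 'admin_init', 'secure_switch_user' );

// The form that submits to the hardened handler must embed the matching
// nonce, e.g. with wp_nonce_field( 'switch_to_user' ).
```

The hardened version runs inside WordPress on admin_init instead of as a directly requested plugin file, so is_user_logged_in(), current_user_can() and wp_verify_nonce() have the request's cookies and the current user available; a stand-alone script that only loads wp-load.php would need the same three checks before calling wp_set_auth_cookie().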

  3. KARTHOST
    Member
    Posted 1 year ago

    Does anyone know if there is another safe plugin that does something similar?

  4. John Blackbourn
    Member
    Posted 1 year ago

    Karthost, check out my User Switching plugin: http://wordpress.org/extend/plugins/user-switching/

Topic closed: this topic has been closed to new replies.
