WordPress.org

Ready to get started?Download WordPress

Forums

Social Login
Session not cleared after logging out (Facebook Connect) (1 post)

  1. fozter1967
    Member
    Posted 1 year ago #

    Plugin Version: Social Login 3.2

    Problem: Facebook session cookies not clearing on logout from WP. Subsequent logins using Facebook connector automatically log in last authenticated user, with no opportunity to enter or change credentials

    Steps to reproduce: Login using Facebook connector, logout, then login again using Facebook connector.

    This presents a rather major security problem as logging out of WP does not clear the Facebook session cookies, meaning the next user can simply click "Connect with: Facebook" and get access to both WP and Facebook accounts of the last user.

    http://wordpress.org/extend/plugins/oa-social-login/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic