ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.3.1 - Cookie Authentication Vulnerability

Product
WordPress
Description
Because of this vulnerability, the attackers can bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Solution
Update WordPress.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2007-6013
Versions
Affected In <= 2.3.1
Fixed In 2.3.2
Disclosure date
2007-11-19