[Plugin: Social Login] Session not cleared after logging out (Facebook Connect)
-
Plugin Version: Social Login 3.2
Problem: Facebook session cookies not clearing on logout from WP. Subsequent logins using Facebook connector automatically log in last authenticated user, with no opportunity to enter or change credentials
Steps to reproduce: Login using Facebook connector, logout, then login again using Facebook connector.
This presents a rather major security problem as logging out of WP does not clear the Facebook session cookies, meaning the next user can simply click “Connect with: Facebook” and get access to both WP and Facebook accounts of the last user.
- The topic ‘[Plugin: Social Login] Session not cleared after logging out (Facebook Connect)’ is closed to new replies.
