Skip to content

{bjørn:johansen}

☆ Not an expert. Probably wrong.

  • Home
  • About me
  • Privacy Policy

Tag Archives: nonce

How to perform and mitigate a WordPress session donation attack

WordPress doesn’t use a nonce for the login form, which opens up for you to perform a WordPress session donation attack.

Continue reading “How to perform and mitigate a WordPress session donation attack”

Posted byBjørn JohansenMarch 22, 2017November 18, 2022Posted inSecurity, WordPressTags:howto, nonce, security, WordPress1 Comment on How to perform and mitigate a WordPress session donation attack
{bjørn:johansen}, Proudly powered by WordPress. Privacy Policy