Description
The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.
Remediation
References
Related Vulnerabilities
WordPress Plugin Social Sharing-Social Warfare Multiple Vulnerabilities (3.5.2)
Piwigo Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-26267)
Joomla! Core 1.0.5 Security Bypass (1.0.5)
Oracle Application Server Other Vulnerability (CVE-2005-3451)
WordPress Plugin Retain Live Chat Cross-Site Scripting (0.1)