Topic: Urgent logout issue – threat on user account |

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket

Tagged: Urgent logout issue

Author

Posts
April 16, 2018 at 9:04 am #1964

piyush jaiswal
Buyer

Post count: 224

Hi,

Today we have updated the plugins: Userswp and after that we are facing critical logout issue.

If we use social registration to signup or get signin with let say from facebook then after login if i logout then it is not closing it 100%.

resulting in i again try to login from my any other account through social login button let say this time Yahoo… then after asking login detail of yahoo… it it re-directing to me back to facebook account for which i had already logout.

Surprisingly that session is already open and and i am able to get login on facebook.

This is security threat to users. Kindly look into urgent basis.

Thanks,

Piyush

April 16, 2018 at 10:04 am #1965

Stiofan O’Connor
Site Admin

Post count: 22956

Hi Piyush,

Can you please provide wp-admin details in a private reply and explain how to recreate this step by step, when you are talking about loggin out for example are you talking about loggin our from your site or from facebook etc…

Thanks,

Stiofan

April 16, 2018 at 12:08 pm #1966

piyush jaiswal
Buyer

Post count: 224

This reply has been marked as private.

April 16, 2018 at 1:42 pm #1969

Stiofan O’Connor
Site Admin

Post count: 22956

i can’t recreate, i will flag it for Patrik to try.

Stiofan

April 16, 2018 at 2:01 pm #1970

Patrik
Moderator

Post count: 1971

Hi Piyush,

I have tried to log in using facebook account and then using Gmail account after logout but I can’t regenerate the issue regarding redirect again to the facebook page.

Now after few mins, When I am trying to log in with facebook it gives following configuration error:
“UsersWP Social Login is not properly configured.Facebook need to be properly configured.”

Can you please make sure you configured FB API properly?

Also, can you try to login with Facebook and then Gmail?

Regards,
Patrik

April 16, 2018 at 2:18 pm #1971

piyush jaiswal
Buyer

Post count: 224

This reply has been marked as private.

April 16, 2018 at 2:21 pm #1972

piyush jaiswal
Buyer

Post count: 224

Hi Pratik,

I’m unable to find the facebook configuration error in FB developer mode.

Also if there is any configuration error then in that case in 1st attempt only FB won’t allow to login me on tuikart through FB connect.

Again issue is there which u have highlighted for FB. How to correct it.

Thanks,

April 17, 2018 at 9:04 am #1981

Patrik
Moderator

Post count: 1971

Hi,

In same browser if you have 2 gmail accounts then pls. login both account in same browser

Now open the tuikart and login from facebook. Then Logout from facebook and try to login from one gmail account. Then logout and try to login from second gmail account — here you will automatically get login with 1st gmail account not the second.

Regarding above comment,

Gmail stores cookie for the logged in email ids. So when you log in with our Gmail social login option for the first time it will work fine but when you log out and log in again with another Gmail id you will be redirected to the first one which is due to Gmail cookie data. I suggest you try to login with one Gmail account and then clear the cookie and again login to another Gmail account. Let me know how it goes?

Regards,
Patrik
Author

Posts