Description
Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.
Remediation
References
Related Vulnerabilities
PHP Integer Overflow or Wraparound Vulnerability (CVE-2010-1866)
PHP Other Vulnerability (CVE-2015-2787)
WordPress Plugin File Manager Advanced Shortcode Arbitrary File Upload (2.5.3)
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
WordPress Plugin BestSmallShopLite Cross-Site Scripting (1.0.1)