You can not set cookies form site A that will be applicable on site B, therefor your “login by proxy” scheme will not work, and can not be made to work. In addition storing passwords in plain text is just a big no-no.
Related Posts:
- Can someone explain what wp_session_tokens are, and what are they used for?
- How to check WordPress website username and password is correct
- Is there any way to check for user login and send him to login?
- Verify if user is wordpress logged in from another app since wordpress 4.0
- Secruity Questions on a timer
- how to add security questions on wp-registration page and validate it
- How to store username and password to API in wordpress option DB?
- In Which Contexts are Plugins Responsible for Data Validation/Sanitization?
- How to properly validate data from $_GET or $_REQUEST using WordPress functions?
- Nonces can be reused multiple times? Bug / Security issue?
- WordPress and PHP Sessions – Security and Performance
- How to add Request header in WordPress remote api calls
- How to check username/password without signing in the user
- What is the difference between esc_html and wp_filter_nohtml_kses?
- Init action hook running late after PayPal’s return url?
- custom XMLRPC method plus authentication of user & WooCommerce order
- Nonce in settings API with tabbed navigation
- WordPress REST API call generates nonce twice on every call
- Problems after wp_set_password() containing an apostrophe
- Escaping built-in WP function return strings
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- WordPress custom authentication implementation
- WP Cron doesn’t save or in post body
- Security error WP 4.0 + WP phpBB Bridge [closed]
- Two-step login process – Is it possible?
- How do I approach removing menu items on the fly based on settings in my plugin?
- WordPress restrict plugin file direct access
- Plugin development: is adding empty index.php files necessary?
- Confusion on WP Nonce usage in my Plugin
- How to extend expiry time of jwt wordpress token?
- Coding a plugin on WordPress; when should I sanitize? [duplicate]
- Configuring WordPress Auth Cookie Expiration
- Correct way check nonce (security) using old Options API
- Why do I need to check if wp_nonce_field() exists before using it
- How to get the ID of the currently logged in user?
- WordPress security issue to output data from user input from theme option form
- On Plugin Activation, How Do I Check for Proper Transport Mechanism?
- Proper way to pass credentials in a custom login form to avoid “headers already sent”
- External Authentication, session_tokens not destroyed on logout
- How to customize login process
- Secure Pages Best Practice
- wp_insert_user() function password never match
- Does wp_login only trigger before an user signs in into the admin panel?
- Securing/Escaping Output of file content – reading via fread() in PHP
- Logout users upon login, based on caps/role?
- Sending post request with wp_remote_post not working correctly
- Is it possible to make sure that only my plugins output is shown to the enduser?
- Password field is empty when using wp_signon();
- best way to make a WordPresss multisite that is secure but at the same time supporting my plugin development efforts
- Video Security just like facebook [closed]
- Plugin Development for registered users
- Is disabling test_form in wp_handle_upload a security concern?
- How to connect my wordpress plugin to a remote database securely?
- wp_nonce_field displaying twice
- Enqueue script globally
- WP Multisite login not working on one subsite. Possibly cookies/ history issue?
- Is it necessary to do validation again when retrieving data from database?
- How to set a cookie for logged in users to md5($user->ID . “my_secret”)?
- Checking a WordPress for OWASP top 10 vulnerabilities [closed]
- How do I have now a duplicated user entry if this is not allowed (and I cannot replicate it)?
- add_submenu_page hooked function must explicitly check user capabilities – why?
- Are there any security risks when submitting data-attribute data through AJAX?
- Why would you use esc_attr() on internal functions?
- How do I validate extra pin field on my WordPress login form page?
- Is it possible to use WP-CLI in a plugin (or theme)?
- How to redirect home page to another page after login for all user?
- Using HTML links within translatable string
- Where is the php file, that does the checks for login information?
- How can I save a password securely as a settings field
- Redirect returning users to a certain page?
- How to share user data across multiple WordPress websites?
- Using password protection to load different page elements?
- HTML Elements in my WP Plugin being generated in JS. Security and Translated Text Question about this method being used
- Allowing duplicating users with same user_login and user_email
- How to Login a User inside a Plugin and Redirect to page?
- Using custom IDP with WP
- Hiding the WordPress login and password fields from login page
- How to store sensitive user data (passwords)
- wp_remote_post not working with admin-post.php
- How do I make secure API calls from my WordPress plugin?
- esc_attr() on hard coded string
- redirect_to how to make it simply work with get parameter or similar?
- Experts opinions needed: How (in)secure is this approach?
- What is more secure checking capabilities of user or checking role of user in WordPress plugin development
- Multiple Users Logged In Causing Incorrect Account Returned
- Data Validation, dynamically generated fields (select for example)
- Get user logged in status from within a plugin. $current_user not defined
- Securely log in a user without a password using a link?
- Need edit profile link in the menu for logged in users
- Create a Custom Login System in WordPress [closed]
- how can I insert a link on login page
- user can login from single account detail from multiple locations(computer) at the same time [closed]
- Rest Api WordPress
- esc_url, esc_url_raw or sanitize_url?
- Add rewrite rule in plugin: with .htaccess in plugin folder or using WordPress functions
- SQL query for custom taxonomy slugs
- What should happen when a WordPress Plugin is activated across the network (Network Wide Activation)
- How to Trigger WP CRON at Local Timestamp?
- Force download file from plugin (change output http headers)
- Extract Information from post content (using regex?)