wp_logout_url() – WordPress Failure Notice

My wp_logout_url() is working right from the front end.

But when I change the new password from the front end, then, on the change password page, when I click on logout, the wp_logout_url() outputs

You are attempting to log out of (site name)

Do you really want to log out?

Here is a screen shot snippet
enter image description here

Any suggestions?

Solutions Collecting From Web of "wp_logout_url() – WordPress Failure Notice"

I have the exact same problem and can duplicate the behavior. It only happens when a password is successfully changed. If after a password change you navigate to a different page, all is well again. But clicking the logout link then invokes wp_logout_url() and I consistently get that error.

The error is also triggered if you provide a wrong nonce. So, that may be a clue. Seems like it is a WP core bug of some sort.

In my case the not so elegant work-around has been to force a redirect to a page that says “Your Password Has Been Changed” after a successful password change. The logout link will be well behaved again. This is a work-around, not a solution for the bug.

What is the code that does the password change?

I had a similar problem that was 100% reproducible. The problem for me was that I was automatically logging in a WP user if I detected a cookie from an external authentication server.

My code for the automatic login was calling wp_set_auth_cookie(). This puts the WP logged_in cookie into the current HTTP response which then becomes available in the next HTTP request, but not the current one. Thus the nonce generated for the logout URL in the current request is not correct since it is not finding the session’s logged_in token which should be in the cookies.

For me, I found the solution in this answer by Jörn Lund: https://wordpress.stackexchange.com/a/184055/69247

I added the code suggested by that answer to my plugin that was doing the automatic login and the logout failure page went away because now the nonce is being correctly generated using the token that is in the logged_in cookie.

function my_update_cookie( $logged_in_cookie ){
    $_COOKIE[LOGGED_IN_COOKIE] = $logged_in_cookie;
}
add_action( 'set_logged_in_cookie', 'my_update_cookie' );