How it works Pricing

Vulnerabilities

WordPress Plugins Themes Stats Submit vulnerabilities

For developers

Status API details CLI scanner

WordPress Plugin Vulnerabilities

OneLogin SAML SSO <= 2.1.5 - Authentication Bypass

Description

The OneLogin SAML SSO WordPress plugin was affected by an Authentication Bypass security vulnerability.

Affects Plugins

onelogin-saml-sso

Fixed in version 2.1.6

References

URL

https://hackerone.com/reports/136169

URL

https://github.com/onelogin/wordpress-saml/commit/b102b16ce29ed92d2c4677ca491c6bbe33ee25fa

Classification

Type

AUTHBYPASS

OWASP top 10

A2: Broken Authentication and Session Management

CWE

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

Verified

No

WPVDB ID

9f87f7b1-aecc-4abf-9dd0-078815f16d7e

Timeline

Publicly Published

2016-06-06 (about 6 years ago)

Added

2016-06-06 (about 6 years ago)

Last Updated

2019-11-01 (about 3 years ago)

Our Other Services

WPScan WordPress Security Plugin