ThreatPress

WordPress Vulnerabilities Database

Back

WordPress OneLogin SAML SSO Plugin <= 2.1.5 - Authentication Bypass

Product
OneLogin SAML SSO
Description
This plugin has a bug which allows anyone to login without a password or other authentication.
Solution
Update the plugin.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Hackerone
CVE
Name CVE-N/A
Versions
Affected In <= 2.1.5
Fixed In 2.1.6
Disclosure date
2016-06-06
Submitter
ThreatPress