WordPress OneLogin SAML SSO Plugin <= 2.1.5 - Authentication Bypass
- Product
- OneLogin SAML SSO
- Description
- This plugin has a bug which allows anyone to login without a password or other authentication.
- Solution
- Update the plugin.
- Classification
-
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management - References
-
Hackerone
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 2.1.5
Fixed In 2.1.6 - Disclosure date
- 2016-06-06
- Submitter
- ThreatPress