client_secret, which could be used by attackers to gain unauthorized access to the site. Depending on the settings of the OAuth server, we may even be given an administrator role on the client’s website.
Simple Single Sign On by Dash10 Digital <= 4.1.0 - Auth Bypass
LANACOMMONVDB ID: 4deb2665-f3e5-46d3-958c-0b3435fecdc4
The plugin was affected by an Auth Bypass vulnerability. The plugin leaks its OAuth
Attributes
- Catgory
- WordPress Plugin
- Discovered
- 2022-06-01
- Published
- 2022-06-04
- Affected Version
- <= 4.1.0
Classification
- Type
- Authentication Bypass
Support Us?
We would truly appreciate it if you bought us a bunny (food for a snow leopard).
