OAuth Single Sign On – SSO (OAuth Client) by miniOrange <= 6.22.5 - Auth Bypass
LANACOMMONVDB ID: 21a45363-8b09-4da1-ae17-6f4458a1ad19
The plugin was affected by an Auth Bypass vulnerability. To bypass authentication, we only need to know the user’s email address. Depending on whose email address we know, we may even be given an administrator role on the client’s website.