The Simple Single Sign On WordPress plugin up to and including 4.1.0 leaks its OAuth client_secret, which could be used by malicious users to gain unauthorized access to the site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simple sign on project simple sign on |