Published: 30/01/2023 Updated: 28/03/2025

The SAML SSO Standard WordPress plugin version 16.0.0 prior to 16.0.8, SAML SSO Premium WordPress plugin version 12.0.0 prior to 12.1.0 and SAML SSO Premium Multisite WordPress plugin version 20.0.0 prior to 20.0.7 does not validate that the redirect parameter to its SSO login endpoint points to an internal site URL, making it vulnerable to an Open Redirect issue when the user is already logged in.

Vulnerable Product	Search on Vulmon	Subscribe to Product
miniorange miniorange wordpress saml sso standard
miniorange miniorange wordpress saml sso premium
miniorange miniorange wordpress saml sso premium mulsitesite
miniorange saml sp single sign on

https://nvd.nist.gov https://www.first.org/epss https://wpscan.com/vulnerability/af2e30c7-0787-4fe2-97ee-bc616f7178a1 https://wpscan.com/vulnerability/be21f355-0e5b-4ad7-9d8f-85e9a0101ddc https://wpscan.com/vulnerability/e6c4c8c7-1dcd-45bf-8582-f12accca6fac https://wpscan.com/vulnerability/af2e30c7-0787-4fe2-97ee-bc616f7178a1 https://wpscan.com/vulnerability/be21f355-0e5b-4ad7-9d8f-85e9a0101ddc https://wpscan.com/vulnerability/e6c4c8c7-1dcd-45bf-8582-f12accca6fac

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-4496

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect