The Simple Single Sign On WordPress plugin through 4.1.0...
High severity
Unreviewed
Published
Sep 6, 2022
to the GitHub Advisory Database
•
Updated Jul 25, 2023
Description
Published by the National Vulnerability Database
Sep 5, 2022
Published to the GitHub Advisory Database
Sep 6, 2022
Last updated
Jul 25, 2023
The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.
References