Saml Sp Single Sign On
Approved changes feed: RSS · Atom
cpe:2.3:a:miniorange:saml_sp_single_sign_on:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Miniorange (30ca830e-0f9b-52a7-9359-14c31196f049) |
|---|---|
| Product | Saml Sp Single Sign On (efbddc6b-ad21-56e6-a3d3-c5f2bbb3fd58) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wp-plugins/miniorange-saml-20-single-sign-on |
purl2cpe | 2026-06-01 10:12:20.668196 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-6850 |
vulnerable | 2026-06-03 14:42:59.185872 |
Details available
Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4.8.84 for WordPress allows XSS via a crafted SAML XML Response to wp-login.php. This is related to the SAMLResponse and RelayState variables, and the Destination parameter of the samlp:Response XML element.
Published: 2020-02-17T15:01:33.000Z
Updated: 2024-08-04T09:11:05.199Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12346 |
vulnerable | 2026-06-03 14:39:34.665260 |
Details available
In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post.
Published: 2019-06-24T20:25:25.000Z
Updated: 2024-08-04T23:17:39.563Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.