Oauth Single Sign On
Approved changes feed: RSS · Atom
cpe:2.3:a:miniorange:oauth_single_sign_on:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Miniorange (30ca830e-0f9b-52a7-9359-14c31196f049) |
|---|---|
| Product | Oauth Single Sign On (902e4113-94ca-525c-8f3d-6f5e620b0d93) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-1093 |
vulnerable | 2026-06-03 14:48:53.720956 |
OAuth Single Sign On - SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF
The OAuth Single Sign On WordPress plugin before 6.24.2 does not have CSRF checks when discarding Identify providers (IdP), which could allow attackers to make logged in admins delete all IdP via a CSRF attack
Published: 2023-03-27T15:37:22.994Z
Updated: 2025-02-19T20:16:48.586Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-34155 |
vulnerable | 2026-06-03 14:47:29.210504 |
WordPress OAuth Single Sign On – SSO (OAuth Client) Plugin <= 6.23.3 is vulnerable to Broken Authentication
HIGH (8.8)
Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On – SSO (OAuth Client): from n/a through 6.23.3.
Published: 2023-07-18T13:41:59.369Z
Updated: 2026-04-28T16:07:44.244Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2133 |
vulnerable | 2026-06-03 14:47:00.332074 |
OAuth Single Sign On < 6.22.6 - Authentication Bypass
The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user's email address.
Published: 2022-07-17T10:36:17.000Z
Updated: 2024-08-03T00:24:44.224Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.