OneLogin SAML-SSO Plugin Vulnerabilities
The OneLogin SAML-SSO Plugin WordPress plugin has 4 known security vulnerabilities, including 1 critical. The most recent was disclosed on March 31, 2021. Check whether your site runs an affected version below.
View OneLogin SAML-SSO Plugin on WordPress.orgSummary
Latest vulnerability disclosed on March 31, 2021.
Recommendation
WPSentry recommends extreme caution
Only run OneLogin SAML-SSO Plugin if it is updated to the latest patched release. This plugin has a history of 1 critical, potentially exploitable vulnerability. If you already use it, update immediately — or consider a safer alternative.
Is your site affected?
Run a free external scan to detect OneLogin SAML-SSO Plugin and 35+ other WordPress security checks — no login or plugin required.
Known OneLogin SAML-SSO Plugin vulnerabilities
- medium
OneLogin SAML SSO <= 3.1.2 - Open Redirection
Affected versions: <=3.1.2Disclosed March 31, 2021 - high
OneLogin SAML SSO <= 2.8.0 - Distributed Denial-of-Service
Affected versions: <=2.8.0Disclosed January 28, 2019 - high
OneLogin SAML SSO <= 2.4.2 - Use of Vulnerable Component
Affected versions: <=2.4.2Disclosed October 14, 2016 - critical
OneLogin SAML-SSO Plugin < 2.1.6 - Authentication Bypass
Affected versions: <2.1.6Disclosed June 6, 2016
How to stay protected
Update promptly
Keep OneLogin SAML-SSO Plugin on its latest release — most vulnerabilities are fixed in newer versions.
Scan regularly
Run an external scan after every update to catch outdated or vulnerable software early.
Monitor continuously
Enable monitoring to get alerted the moment a new issue affects your stack.