Description
WordPress Plugin OneLogin SAML SSO is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently login without a password or other authentication. WordPress Plugin OneLogin SAML SSO version 2.2.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.0 or latest
References
Related Vulnerabilities
WordPress Plugin Easy PayPal Events Cross-Site Scripting (1.1.1)
Atlassian Jira Missing Authorization Vulnerability (CVE-2020-14185)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0799)
WordPress Plugin WooCommerce Arbitrary File Download (3.4.5)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)