cleantalk
Vulnerabilities and Security Researches

OAuth Single Sign On – SSO (OAuth Client), CVE-2025-9485

CVE, Research URL

CVE-2025-9485

Home page URL

Security reports for OAuth Single Sign On – SSO (OAuth Client)

Application

OAuth Single Sign On – SSO (OAuth Client)

Published on
Oct 04, 2025
Research Description
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 6.26.12. This is due to the plugin performing unsafe JWT token processing without verification or validation in the `get_resource_owner_from_id_token` function. This makes it possible for unauthenticated attackers to bypass authentication and gain access to any existing user account - including administrators in certain configurations - or to create arbitrary subscriber-level accounts.
Affected versions
max 6.26.13.
Status
vulnerable
Previous vulnerability researches
OAuth Single Sign On – SSO (OAuth Client) (CVE-2022-2133) , Jun 06, 2024
OAuth Single Sign On – SSO (OAuth Client) (CVE-2022-34155) , Jun 06, 2024
OAuth Single Sign On – SSO (OAuth Client) (CVE-2023-1092) , Jun 06, 2024
OAuth Single Sign On – SSO (OAuth Client) (CVE-2023-1093) , Jun 06, 2024
OAuth Single Sign On – SSO (OAuth Client) (CVE-2025-10752) , Nov 10, 2025
New vulnerability
Author: Munzir (CVE-2025-58916) , Nov 11, 2025
Watu Quiz (CVE-2025-11238) , Nov 11, 2025
Advanced Custom Fields : CPT Options Pages (CVE-2025-60208) , Nov 11, 2025
Doliconnect (CVE-2025-53574) , Nov 11, 2025
Advanced scrollbar – Customize the scrollbar (CVE-2025-49900) , Nov 11, 2025