cleantalk
Vulnerabilities and Security Researches

OneLogin SAML SSO, CVE-2016-10928

CVE, Research URL

CVE-2016-10928

Home page URL

Security reports for OneLogin SAML SSO

Application

OneLogin SAML SSO

Published on
Aug 23, 2019
Research Description
The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.
Affected versions
max 2.2.0.
Status
vulnerable
Previous vulnerability researches
OneLogin SAML SSO (1a67c6e8c0f626e7e972617535855a0e05c26280) , Jun 16, 2026
OneLogin SAML SSO (ec8b02a9e067f197a2449cdd8ce4e3c5fb7cbc29) , Jun 16, 2026
OneLogin SAML SSO (83db63439730e3225b9f5d4fdea2dabfabfe99a7) , Jun 16, 2026
OneLogin SAML SSO (530cfac92999235c44a4feccfbdf12b2da327104) , Jun 16, 2026
OneLogin SAML SSO (4769ad415559fb0b36a2b47b82588695681dc98f) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar – Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026