OneLogin SAML SSO, ec8b02a9e067f197a2449cdd8ce4e3c5fb7cbc29

CVE, Research URL: ec8b02a9e067f197a2449cdd8ce4e3c5fb7cbc29
Home page URL: Security reports for OneLogin SAML SSO
Application: OneLogin SAML SSO
Published on: Oct 14, 2016
Research Description: OneLogin SAML SSO [onelogin-saml-sso] < 2.4.3 OneLogin SAML SSO <= 2.4.2 - Use of Vulnerable Component The OneLogin SAML SSO plugin for WordPress is potentially vulnerable to SAML Signature Wrapping attack due to use of a less secure version of the php-saml library in versions up to, and including, 2.4.2.
Affected versions: max 2.4.3.
Status: vulnerable