cleantalk
Vulnerabilities and Security Researches

OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ), ebc129d7855446f1b4ea794ee62482115be97075

CVE, Research URL

ebc129d7855446f1b4ea794ee62482115be97075

Home page URL

Security reports for OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )

Application

OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )

Published on
May 03, 2022
Research Description
OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ) [oauth-client-for-user-authentication] < 3.0.2 OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ) <= 3.0.1 - Cross-Site Scripting The OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ) plugin for WordPress is vulnerable to Cross-Site Scripting via the $key variable in versions up to, and including 3.0.1.
Affected versions
max 3.0.2.
Status
vulnerable
Previous vulnerability researches
WPvivid Backup for MainWP (ec00cf2f6a6757dc3371250c1689bf0e482f89f9) , Jun 16, 2026
WPvivid Backup for MainWP (2c3fbbc425bd92d0f969e669e6a4b8564997aa02) , Jun 16, 2026
WPvivid Backup for MainWP (CVE-2024-35664) , Jun 06, 2024
WPvivid Backup for MainWP (CVE-2024-1383) , Jun 06, 2024
New vulnerability
Booking Package (e7eb5243d3af9fd38973f7d59bebc6d698472b0b) , Jun 16, 2026
WP Simple Spreadsheet Fetcher for Google (f8fce47113e556ee0530bb8582de7956f1271b31) , Jun 16, 2026
WP Simple Spreadsheet Fetcher for Google (f224ff37-4126-49bc-b432-0d1e177abec8) , Jun 16, 2026
Team Showcase (6b13bc31f18e37d9599254d9ab05927592e1f19f) , Jun 16, 2026
Team Showcase (5b6a6c2a49333beeedb438830a1e82e7ac78d8e6) , Jun 16, 2026