All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login

Vulnerabilities 3Slug login-with-azureLatest version 2.2.7WordPress.org →

Minimum safe version

2.2.6

Update to 2.2.6 or later to address 3 fixable vulnerabilities

Latest available2.2.7
N/A
2026-03-02< 2.2.6

All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login <= 2.2.5 - Authentication Bypass

WordfenceCVE
N/A
< 1.4.5

Multiple Plugins from miniorange - Reflected Cross-Site Scripting via appId

WPScan
N/A
2021-08-30< 1.4.5

Multiple miniOrange Plugins (Various Version) - Reflected Cross-Site Scripting

Wordfence