Medium 5.3
2025-06-12< 18.5.4
WordPress OAuth Single Sign On - SSO (OAuth Client) Plugin <= 18.5.3 is vulnerable to Sensitive Data Exposure
OAuth Single Sign On - SSO (OAuth Client)
Vulnerabilities 2Slug miniorange-oauth-oidc-single-sign-on
Minimum safe version
28.4.9
Update to 28.4.9 or later to address 2 fixable vulnerabilities
Medium 6.5
2023-03-28< 28.4.9
WordPress OAuth Single Sign On - SSO (OAuth Client) Premium Plugin < 38.4.9 is vulnerable to Cross Site Request Forgery (CSRF)