GHSA-x77p-gjm6-3v9rCriticalCVSS 9.8
Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
🔗 CVE IDs covered (1)
📋 Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO (OAuth Client) allows Password Recovery Exploitation.
This issue affects OAuth Single Sign On - SSO (OAuth Client): from n/a through 38.5.8.
🔗 References (3)
- https://nvd.nist.gov/vuln/detail/CVE-2026-57807
- https://patchstack.com/database/wordpress/plugin/miniorange-oauth-oidc-single-sign-on/vulnerability/wordpress-oauth-single-sign-on-sso-oauth-client-plugin-38-5-8-broken-authentication-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-x77p-gjm6-3v9r