Security vulnerabilities in Pantheon (1)


  • SSO Enforcement Bypass – WP SAML Auth 2.1.3

    Affected plugin: WP SAML Auth
    Active installs: 5,000+
    Vulnerable version: <= 2.1.3
    Audited version: 2.1.3
    Fully patched version: 2.1.4
    Recommended remediation: Upgrade the plugin to 2.1.4

    Description: The WP SAML Auth plugin allows enforcing that all users must log in via the configured SAML IDP rather than the standard WordPress login. This can be bypassed…