2022-09-05 12:35:17
WPScan
PUBLISHED
The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.