Vulnerability Details : CVE-2022-4496
The SAML SSO Standard WordPress plugin (versions 16.0.0 before 16.0.8), SAML SSO Premium WordPress plugin (versions 12.0.0 before 12.1.0) and SAML SSO Premium Multisite WordPress plugin (versions 20.0.0 before 20.0.7) do not validate that the redirect parameter passed to their SSO login endpoint points to an internal site URL, making them vulnerable to an Open Redirect issue when the user is already logged in.
Vulnerability category: Open redirect
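As an added example (not the plugin's code), a standalone PHP check of the kind the description says is missing: the redirect target is accepted only when it is a same-site absolute path or an http(s) URL whose host and port match the site's own, and anything else falls back to the site root. The function name and the example site URL are assumptions; in WordPress itself the equivalent built-in is wp_validate_redirect()/wp_safe_redirect().

```php
<?php
// Added example (not the plugin's code): validate an SSO "redirect" parameter
// against the site's own origin before issuing a redirect. Function name and
// site URL are assumptions for illustration.

function safe_redirect_target(string $site_url, ?string $redirect, string $fallback = '/'): string
{
    if ($redirect === null || $redirect === '') {
        return $fallback;
    }
    $site  = parse_url($site_url);
    $parts = parse_url($redirect);
    // Unparsable input, a site URL without a host, or userinfo tricks such as
    // https://site.example@evil.example/ are all rejected outright.
    if ($parts === false || !isset($site['host']) || isset($parts['user']) || isset($parts['pass'])) {
        return $fallback;
    }
    if (!isset($parts['host'])) {
        // No host: accept only an absolute same-site path. Reject a scheme
        // without a host (javascript:..., https:evil.example) and paths that
        // browsers treat as scheme-relative URLs ('//evil', '/\evil').
        if (isset($parts['scheme'])) {
            return $fallback;
        }
        $path = $parts['path'] ?? '';
        if ($path === '' || $path[0] !== '/'
            || (strlen($path) > 1 && in_array($path[1], ['/', '\\'], true))) {
            return $fallback;
        }
        return $redirect;
    }
    // Host present: scheme must be http(s) and host and port must match exactly.
    $scheme = strtolower($parts['scheme'] ?? '');
    if (!in_array($scheme, ['http', 'https'], true)) {
        return $fallback;
    }
    if (strcasecmp($parts['host'], $site['host']) !== 0
        || ($parts['port'] ?? null) !== ($site['port'] ?? null)) {
        return $fallback;
    }
    return $redirect;
}

// Constructed inputs exercising the accepted and rejected shapes.
$site = 'https://site.example';
foreach (['/wp-admin/', 'https://site.example/wp-admin/', '//evil.example/',
          '/\\evil.example', 'https://site.example@evil.example/',
          'https://site.example.evil.example/', 'javascript:alert(1)'] as $in) {
    printf("%-40s => %s\n", $in, safe_redirect_target($site, $in));
}
```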
Products affected by CVE-2022-4496
- Miniorange » Saml Sp Single Sign On » Premium Edition For Wordpress: versions from including (>=) 12.0.0 and before (<) 12.1.0; cpe:2.3:a:miniorange:saml_sp_single_sign_on:*:*:*:*:premium:wordpress:*:*
- Miniorange » Saml Sp Single Sign On » Multisite Edition For Wordpress: versions from including (>=) 20.0.0 and before (<) 20.0.7; cpe:2.3:a:miniorange:saml_sp_single_sign_on:*:*:*:*:multisite:wordpress:*:*
- Miniorange » Saml Sp Single Sign On » Standard Edition For Wordpress: versions from including (>=) 16.0.0 and before (<) 16.0.8; cpe:2.3:a:miniorange:saml_sp_single_sign_on:*:*:*:*:standard:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-4496
EPSS score: 0.07% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~32% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2022-4496
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST |
CWE ids for CVE-2022-4496
- A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. Assigned by: contact@wpscan.com (Primary)
References for CVE-2022-4496
- https://wpscan.com/vulnerability/e6c4c8c7-1dcd-45bf-8582-f12accca6fac (Third Party Advisory)
- https://wpscan.com/vulnerability/be21f355-0e5b-4ad7-9d8f-85e9a0101ddc (Third Party Advisory)
- https://wpscan.com/vulnerability/af2e30c7-0787-4fe2-97ee-bc616f7178a1 (Third Party Advisory)