VYPR
Medium severity6.1NVD Advisory· Published Jun 24, 2019· Updated Jun 17, 2026

CVE-2019-12346

CVE-2019-12346

Description

In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.