VYPR

Cloud SAML SSO

by Cloud SAML SSO

CVEs (2)

  • CVE-2025-7040HigSep 6, 2025
    risk 0.53cvss 8.2epss 0.00

    The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'set_organization_settings' action of the csso_handle_actions() function in all versions up to, and including, 1.0.19. The handler reads…

  • CVE-2025-7045MedSep 6, 2025
    risk 0.42cvss 6.5epss 0.00

    The Cloud SAML SSO plugin for WordPress is vulnerable to Identity Provider Deletion due to a missing capability check on the delete_config action of the csso_handle_actions() function in all versions up to, and including, 1.0.19. This makes it possible for unauthenticated…