vulnerability
WordPress Plugin: cloud-sso-single-sign-on: CVE-2025-7040: Missing Authorization
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:P) | Sep 5, 2025 | Sep 8, 2025 | Sep 8, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:P)
Published
Sep 5, 2025
Added
Sep 8, 2025
Modified
Sep 8, 2025
Description
The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'set_organization_settings' action of the csso_handle_actions() function in all versions up to, and including, 1.0.19. The handler reads client-supplied POST parameters for organization settings and passes them directly to update_option() without any check of the user’s capabilities or a CSRF nonce. This makes it possible for unauthenticated attackers to change critical configuration (including toggling signing and encryption), potentially breaking the SSO flow and causing a denial-of-service.
Solution
cloud-sso-single-sign-on-plugin-cve-2025-7040
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.