Does SSO Login – Universal (OAuth + SAML) have any unpatched vulnerabilities?

No. All known vulnerabilities in SSO Login – Universal (OAuth + SAML) have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SSO Login – Universal (OAuth + SAML) compatible with WordPress 6.9.4?

According to WordPress.org data, SSO Login – Universal (OAuth + SAML) 0.2.107 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is SSO Login – Universal (OAuth + SAML) compatible with PHP 8.2+?

SSO Login – Universal (OAuth + SAML) requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SSO Login – Universal (OAuth + SAML) updated?

SSO Login – Universal (OAuth + SAML) was last updated on Nov 29, 2025. Frequent updates are generally a positive security signal.

What is SSO Login – Universal (OAuth + SAML)'s security score?

SSO Login – Universal (OAuth + SAML) has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SSO Login – Universal (OAuth + SAML) Security & Risk Analysis

wordpress.org/plugins/authress

SSO Login provides user login, business authentication, SSO, Social login, and Single Sign-On for all sites.

10 active installs v0.2.107 PHP 8.2+ WP 5.5+ Updated Nov 29, 2025

loginoauthsamlsingle-sign-onsso

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is SSO Login – Universal (OAuth + SAML) Safe to Use in 2026?

Generally Safe

Score 100/100

SSO Login – Universal (OAuth + SAML) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'authress' plugin v0.2.107 exhibits a generally good security posture based on the provided static analysis. All identified SQL queries utilize prepared statements, output is consistently escaped, and there are no recorded vulnerabilities in its history. The plugin also employs nonce and capability checks for its single protected entry point, which is a positive indicator of security awareness. However, a significant concern arises from the presence of an unprotected AJAX handler. This unprotected entry point represents a direct attack vector that could be exploited if it handles user-supplied input without proper validation or authorization, potentially leading to unauthorized actions or information disclosure.

Key Concerns

Unprotected AJAX handler

Vulnerabilities

None known

SSO Login – Universal (OAuth + SAML) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

SSO Login – Universal (OAuth + SAML) Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

43 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

100% escaped43 total outputs

Attack Surface

1 unprotected

SSO Login – Universal (OAuth + SAML) Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 2

authwp_ajax_authress_delete_dataAuthress_Sso_Login.php:312

authwp_ajax_authress_delete_cache_transientAuthress_Sso_Login.php:462

WordPress Hooks 29

actionplugins_loadedAuthress_Sso_Login.php:38

actionactivated_pluginAuthress_Sso_Login.php:95

filterallowed_redirect_hostsAuthress_Sso_Login.php:114

actionlogin_enqueue_scriptsAuthress_Sso_Login.php:124

actionwp_enqueue_scriptsAuthress_Sso_Login.php:134

filterquery_varsAuthress_Sso_Login.php:139

filterlogin_messageAuthress_Sso_Login.php:163

filterget_avatarAuthress_Sso_Login.php:234

actionadmin_action_authress_sso_login_callback_step1Authress_Sso_Login.php:241

actionadmin_action_authress_sso_login_clear_error_logAuthress_Sso_Login.php:259

actioninitAuthress_Sso_Login.php:265

actioninitAuthress_Sso_Login.php:272

actioninitAuthress_Sso_Login.php:299

actionedit_user_profileAuthress_Sso_Login.php:305

actionshow_user_profileAuthress_Sso_Login.php:306

actionadmin_menuAuthress_Sso_Login.php:344

actionadmin_noticesAuthress_Sso_Login.php:361

actionadmin_initAuthress_Sso_Login.php:370

actionadmin_enqueue_scriptsAuthress_Sso_Login.php:379

actionparse_requestAuthress_Sso_Login.php:385

actionadmin_enqueue_scriptsAuthress_Sso_Login.php:425

actionwp_redirectAuthress_Sso_Login.php:438

actiontemplate_redirectAuthress_Sso_Login.php:439

actionlogin_initAuthress_Sso_Login.php:447

actionwp_logoutAuthress_Sso_Login.php:454

actionlogin_formAuthress_Sso_Login.php:480

actionlostpassword_formAuthress_Sso_Login.php:481

filterbody_classAuthress_Sso_Login.php:494

filterlogin_body_classAuthress_Sso_Login.php:495

Maintenance & Trust

SSO Login – Universal (OAuth + SAML) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 29, 2025

PHP min version8.2

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

SSO Login – Universal (OAuth + SAML) Alternatives

SAML Single Sign On – SSO Login

miniorange-saml-20-single-sign-on

SAML SSO (Single Sign On) for WordPress Login with Okta, Entra ID, Azure AD/B2C, G-Suite, Shibboleth, OneLogin, Keycloak, Salesforce [24/7 Support]

10K 6 CVEs

OAuth Single Sign On – SSO (OAuth Client)

miniorange-login-with-eve-online-google-facebook

WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24/7 SUPPORT].

7K 10 CVEs

Tim's Nextcloud SSO OAuth2

tims-nextcloud-sso-oauth2

100

Enables you to login to your WordPress site with your Nextcloud account with OAuth2

300 No CVEs

Lana Single Sign On

lana-sso

100

Creates the ability to login using Single Sign On via OAuth 2.0

20 No CVEs

Logto – User Authentication and Authorization

logto

100

Enable beautiful and secure user authentication, including passwordless, social login, single sign-on, multi-factor authentication (MFA), and more.

20 No CVEs

Developer Profile

SSO Login – Universal (OAuth + SAML) Developer Profile

Authress

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SSO Login – Universal (OAuth + SAML)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/authress/templates/assets/css/login.css/wp-content/plugins/authress/templates/assets/css/main.css

Version Parameters

authress/login.css?ver=authress-widget/main.css?ver=

HTML / DOM Fingerprints

CSS Classes

avatar-authress

FAQ