
SAML Single Sign On – SSO Login Security & Risk Analysis
wordpress.org/plugins/miniorange-saml-20-single-sign-on
SAML SSO (Single Sign On) for WordPress Login with Okta, Entra ID, Azure AD/B2C, G-Suite, Shibboleth, OneLogin, Keycloak, Salesforce [24/7 Support]
Is SAML Single Sign On – SSO Login Safe to Use in 2026?
Generally Safe
Score 98/100
SAML Single Sign On – SSO Login has a strong security track record. Known vulnerabilities have been patched promptly.
The "miniorange-saml-20-single-sign-on" plugin presents a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries, utilizing prepared statements exclusively. The high percentage of properly escaped output (94%) and a substantial number of nonce and capability checks (13 and 21 respectively) also suggest an effort towards secure coding.
However, several areas raise concerns. The presence of one unprotected AJAX handler significantly expands the attack surface, potentially allowing unauthorized actions. While taint analysis did not reveal critical or high severity unsanitized paths, the two flows with unsanitized paths warrant attention, as they could lead to vulnerabilities if exploited.
The plugin's history of known CVEs, totaling six, is a notable weakness. Although there are currently no unpatched vulnerabilities, the history includes one high-severity issue and five medium-severity issues across common vulnerability types like missing authorization, open redirects, XSS, and CSRF. This pattern indicates a recurring tendency to introduce security flaws, necessitating vigilant monitoring and prompt patching of future issues. The bundled Select2 library, while not explicitly flagged as outdated, is a potential area for review if specific versions are known to have vulnerabilities.
Key Concerns
- Unprotected AJAX handler
- Taint flows with unsanitized paths
- Vulnerability history (1 high, 5 medium)
SAML Single Sign On – SSO Login Security Vulnerabilities
6 total CVEs
SAML SP Single Sign On <= 5.0.4 - Missing Authorization to notice dismissal
SAML Single Sign On – SSO Login Premium Multisite < 20.0.7 - Open Redirect
SAML Single Sign On – SAML SSO Login <= 4.9.20 - Reflected Cross-Site Scripting
SAML Single Sign On – SAML SSO Login <= 4.8.83 - Cross-Site Scripting
SAML Single Sign On – SAML SSO Login < 4.8.73 - Cross-Site Scripting
SAML Single Sign On – SAML SSO Login <= 4.8.75 - Cross-Site Request Forgery
SAML Single Sign On – SSO Login Attack Surface
AJAX Handlers: 4
WordPress Hooks: 26
SAML Single Sign On – SSO Login Alternatives
Cloud SAML SSO – Single Sign On Login
cloud-sso-single-sign-on
WordPress SSO using SAML IDPs to enable single sign on using Azure AD, Office 365, Okta, ADFS, KeyCloak, OneLogin, Salesforce, Google Apps Gsuite
OneLogin SAML SSO
onelogin-saml-sso
This plugin provides single sign-on via SAML and gives users one-click access to their WordPress accounts from identity providers like OneLogin.
SSO Login – Universal (OAuth + SAML)
authress
SSO Login provides user login, business authentication, SSO, Social login, and Single Sign-On for all sites.
Frontegg SAML SSO
frontegg-saml-sso
Replace the WordPress login and logout flows with secure SAML-based authentication via Frontegg. Easily configure your SSO app from the admin panel.
OAuth Single Sign On – SSO (OAuth Client)
miniorange-login-with-eve-online-google-facebook
WordPress SSO (Single Sign On) with Azure, Azure B2C, Cognito, Okta, Classlink, Discord, Clever, Keycloak, OAuth & OpenID Providers [24/7 SUPPORT].
SAML Single Sign On – SSO Login Developer Profile
38 plugins · 83K total installs
How We Detect SAML Single Sign On – SSO Login
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/bootstrap.min.css
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/style.css
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/script.js
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/jquery-validation-plugin/jquery.validate.min.js
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/jquery-validation-plugin/additional-methods.min.js
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/responsive.css
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/bootstrap-toggle.min.css
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/bootstrap-toggle.min.js
- admin/js/mo-saml-login-admin.js
- js/mo-saml-login-script.js
- admin/js/mo-saml-settings-page.js
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/bootstrap.min.css?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/style.css?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/script.js?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/jquery-validation-plugin/jquery.validate.min.js?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/jquery-validation-plugin/additional-methods.min.js?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/responsive.css?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/bootstrap-toggle.min.css?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/bootstrap-toggle.min.js?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/css/mo-saml-login-style.css?ver=
- /wp-content/plugins/miniorange-saml-20-single-sign-on/js/mo-saml-login-script.js?ver=
HTML / DOM Fingerprints
- mo_saml-upgrade-box
- mo_saml-dismiss
- mo_saml-upgrade-title
- mo_saml-upgrade-tag
- mo_saml-upgrade-desc
- mo_saml-upgrade-btn
- mo_saml-secondary-btn
- mo_saml_login_form
- <!-- Custom CSS and JS -->
- <!-- Display SAML SSO button on WP login page -->
- <!-- Display SAML SSO button on WordPress login page via AJAX. -->
- data-url="admin-ajax.php"
- data-nonce="mo_saml_object