[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fE40gbiOgXpFx3-9zs30dBLVOGypmjQZebTY8XtjuOfE":3,"$f-Jng4UpmKrOQTb3yI-8lniQK-ZRn1GcurlVM72fu1UQ":519,"$fIC9gPs6VIZSZR6YYZJe_CzkIL3mW7cbVENHkvH8x3MY":523},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":128,"fingerprints":479},"rainbow-secure","Rainbow Secure – Advanced MFA & SSO Plugin","1.3.0","rsecurewp","https:\u002F\u002Fprofiles.wordpress.org\u002Frsecurewp\u002F","\u003Cp>Rainbow Secure’s MFA and SSO Plugin provides enterprise-level protection with customizable authentication workflows to secure your website and user accounts from credential theft, brute-force attacks, phishing, and more. Empower your users with secure and seamless logins, while protecting your site from cyber threats.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multi-Factor Authentication (MFA)\u003C\u002Fstrong>\u003Cbr \u002F>\nSafeguard your WordPress site with various MFA options, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Formatted Passwords: Customize passwords with additional layers like color and style.  \u003C\u002Fli>\n\u003Cli>OTP Challenges: Receive OTPs via Email, SMS, or Mobile App for every login attempt.  \u003C\u002Fli>\n\u003Cli>Adaptive Authentication: Security adjusted based on device, time of access, location, and behavior.  \u003C\u002Fli>\n\u003Cli>Remember Device: Trusted devices can be whitelisted to reduce repeated MFA prompts.  \u003C\u002Fli>\n\u003Cli>Location-based MFA: Define trusted work locations for seamless, secure access.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Single Sign-On (SSO)\u003C\u002Fstrong>\u003Cbr \u002F>\nSimplify login for your users with SSO integration:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Supports SAML, Integrate with 1000+ SaaS applications including Microsoft Office, Google Workspace, Salesforce, Zoom, Canva, Stripe, Cloud Providers including Azure AD, AWS, Google, IAM providers including Entra, Okta, Ping Identity.\u003C\u002Fli>\n\u003Cli>User provisioning and de-provisioning for automatic WordPress account management.  \u003C\u002Fli>\n\u003Cli>Role mapping and session management across multiple apps.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customizable Security Policies\u003C\u002Fstrong>\u003Cbr \u002F>\nDefine security rules tailored to your organization’s needs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set Conditional Access rules based on IP, role, location, or time.  \u003C\u002Fli>\n\u003Cli>Restrict access to trusted devices or enforce custom password policies with Rainbow Secure features.  \u003C\u002Fli>\n\u003Cli>Role-based access control ensures only authorized users reach key areas of your site.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Compliance and Reporting\u003C\u002Fstrong>\u003Cbr \u002F>\nAchieve regulatory compliance and maintain control over user activities:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GDPR & CCPA compliance: Tools to manage user data privacy with export and deletion capabilities.  \u003C\u002Fli>\n\u003Cli>Audit logs: Track login attempts and SSO\u002FMFA activity for accountability and monitoring.  \u003C\u002Fli>\n\u003Cli>Secure data transmission with AES-256 encryption for credentials and tokens.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>WooCommerce & BuddyPress Integration\u003C\u002Fstrong>\u003Cbr \u002F>\nProtect your eCommerce transactions with WooCommerce support, and extend MFA and SSO security to BuddyPress for community sites.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Custom Branding & Login Flows\u003C\u002Fstrong>\u003Cbr \u002F>\nCustomize your login screens with your brand’s logos and colors, and create passwordless login options for a seamless, secure user experience.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Premium Support & Enterprise Features\u003C\u002Fstrong>\u003Cbr \u002F>\nEnjoy 24\u002F7 priority support and enterprise-grade features such as load balancing, high availability, and multi-factor backups for scaling your security.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. For more information, see the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GNU General Public License\u003C\u002Fa>.\u003C\u002Fp>\n","Boost your WordPress site’s security with advanced multi-layer MFA and seamless SSO integration.",0,774,"2026-03-08T23:05:00.000Z","6.9.4","5.0","7.2",[18,19,20,21,22],"login","mfa","otp","saml","sso","https:\u002F\u002Frainbowsecure.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frainbow-secure.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,94,"2026-05-20T02:37:11.192Z",[36,61,80,96,114],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":14,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":56,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":11,"last_vuln_date":60,"fetched_at":27},"miniorange-wp-as-saml-idp","SAML IDP (Identity Provider) – Login with Website Users","1.16.6","miniOrange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcyberlord92\u002F","\u003Cp>Login using WordPress Users ( WP as SAML IDP SSO ) provides SAML functionality for WordPress SSO Login with WP Users into a SAML \u002F WS-FED \u002F JWT compliant Service Provider.\u003C\u002Fp>\n\u003Cp>WordPress SAML Single Sign-On (SSO) IDP Plugin allows your WordPress users to log into other SAML, WS-Fed, or JWT applications using their WordPress credentials. The plugin makes your WordPress site act as the Identity Provider and allows your users to log in with WordPress credentials, making it more secure by establishing trust with other Service Providers (SP). applications.\u003C\u002Fp>\n\u003Cp>This WordPress SAML IDP SSO solution provides SAML SSO capability to your WordPress site, converting it to a SAML-compliant Identity Provider that can be configured with any SAML-compliant Service Provider.\u003C\u002Fp>\n\u003Cp>Login With WordPress allows users residing in your WordPress site to login to your SAML 2.0 or WS-FED compliant Service Provider. We support Login with WordPress Users into all known Service Providers that support SAML IDP SSO Authentication, WSFED authentication, and JWT authentication (Premium feature). Login with WordPress provides compatibility with various Service Providers.\u003C\u002Fp>\n\u003Cp>Login using WordPress Users ( WP as SAML IDP ) allows SSO login into Tableau, Zoho CRM, Panopto, Salesforce, Rocketchat, Freshdesk, Moodle LMS integrations, miniOrange, Thinkific, Canvas LMS SSO, Absorb LMS, TalentLMS, iPipeline, Mendix, NextCloud Login, Zendesk, LinkedIn Learning, Tiled, Higher Logic, BlueJeans, Hubspot, SAP Litmos, LifeRay, MindGarden, Tableau Cloud, Panopto, Zoom, AWS SSO Cognito, WordPress, Documoto, and all SAML 2.0 capable Service Providers.\u003C\u002Fp>\n\u003Cp>WordPress as IDP SAML \u002F WS-FED \u002F JWT SSO Plugin acts as a SAML 2.0 or WS-FED or JWT Identity Provider, which can be configured to establish the trust between the plugin and various SAML 2.0 or WS-FED or JWT supported Service Providers to securely authenticate the user using the WordPress site credentials.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Quick Links:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp?utm_source=readme&utm_medium=saml_idp_lp&utm_campaign=Official_Website\" rel=\"nofollow ugc\">🌐Official Website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fstep-by-step-guide-for-wordpress-saml-idp?utm_source=readme&utm_medium=all_guides&utm_campaign=Setup_Guide\" rel=\"nofollow ugc\">🛠️Setup Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsandbox.miniorange.com\u002F?utm_source=readme&utm_medium=Sandbox&utm_campaign=feature_trial\" rel=\"nofollow ugc\">🎁Free Full-Feature Trial\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp?utm_source=readme&utm_medium=pricing&utm_campaign=pricing_plan#pricing\" rel=\"nofollow ugc\"> 💎Pricing Plans\u003C\u002Fa>  | \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp?utm_source=readme&utm_medium=contact_form&utm_campaign=support#mo_external_contact_form\" rel=\"nofollow ugc\">🤝Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>List of Supported Service Providers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Tableau\u003C\u002Fstrong> (Login to Tableau) – Supports \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftableau-wordpress-single-sign-on-sso-login\" rel=\"nofollow ugc\">Tableau Online\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Ftableau-saml-single-sign-on-with-wordpress-as-idp\" rel=\"nofollow ugc\">Tableau Server\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tableau Embed\u003C\u002Fstrong> (Embed Tableau Visualizations into WordPress Site)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tableau Cloud\u003C\u002Fstrong> (Login to Tableau Cloud)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-zoho-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Zoho CRM\u003C\u002Fstrong>\u003C\u002Fa> (Login to Zoho)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-freshdesk-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Freshdesk Agents SSO\u003C\u002Fstrong>\u003C\u002Fa> (Login to Freshdesk as Agents)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-freshdesk-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Freshdesk Contacts SSO\u003C\u002Fstrong>\u003C\u002Fa> (Login to Freshdesk as Contacts)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freshdesk Login\u003C\u002Fstrong> ( Login to Freshdesk)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freshworks\u003C\u002Fstrong> (Login to Freshworks)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fmoodle-single-sign-on-sso\" rel=\"nofollow ugc\">\u003Cstrong>Moodle LMS Login\u003C\u002Fstrong>\u003C\u002Fa> (Moodle LMS Login Integration)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-nextcloud-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>NextCloud\u003C\u002Fstrong>\u003C\u002Fa> (Login to NextCloud) – \u003Cem>Requires \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-zoom-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Zoom\u003C\u002Fstrong>\u003C\u002Fa> (Login to Zoom)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-hubspot-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Hubspot SSO Login\u003C\u002Fstrong>\u003C\u002Fa> (Login to Hubspot)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ServiceNow\u003C\u002Fstrong> (Login to ServiceNow)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>BoardEffect\u003C\u002Fstrong> (Login to BoardEffect)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-aws-cognito-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>AWS Cognito\u003C\u002Fstrong>\u003C\u002Fa> (Login to AWS SSO Cognito) – \u003Cem>Requires \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsingle-sign-on-sso-between-two-wordpress-sites\" rel=\"nofollow ugc\">\u003Cstrong>WordPress\u003C\u002Fstrong>\u003C\u002Fa> (Login to WordPress)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-salesforce-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Salesforce\u003C\u002Fstrong>\u003C\u002Fa> (Login to Salesforce)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>miniOrange\u003C\u002Fstrong> (Login to miniOrange)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Moodle LMS integration\u003C\u002Fstrong> ( Moodle LMS Login)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-panopto-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Panopto\u003C\u002Fstrong>\u003C\u002Fa> (Login to Panopto)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-canvas-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Canvas LMS\u003C\u002Fstrong>\u003C\u002Fa> (Login to Canvas)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-absorb-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Absorb LMS\u003C\u002Fstrong>\u003C\u002Fa> (Login to Absorb) – \u003Cem>Requires \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-talentlms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>TalentLMS\u003C\u002Fstrong>\u003C\u002Fa> (Login to TalentLMS) – \u003Cem>Requires \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-rocketchat-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>RocketChat\u003C\u002Fstrong>\u003C\u002Fa> (Login to RocketChat)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-learnupon-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>LearnUpon\u003C\u002Fstrong>\u003C\u002Fa> (Login to LearnUpon)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-ispring-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>iSpring LMS\u003C\u002Fstrong>\u003C\u002Fa> (Login to iSpring LMS)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-frontline-education-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Frontline Education\u003C\u002Fstrong>\u003C\u002Fa> (Login to Frontline Education)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-360learning-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>360Learning\u003C\u002Fstrong>\u003C\u002Fa> (Login to 360Learning)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-lessonly-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Lessonly\u003C\u002Fstrong>\u003C\u002Fa> (Login to Lessonly)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-tovuti-lms-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Tovuti LMS\u003C\u002Fstrong>\u003C\u002Fa> (Login to Tovuti LMS)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-klipfolio-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Klipfolio\u003C\u002Fstrong>\u003C\u002Fa> (Login to Klipfolio)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thinkific\u003C\u002Fstrong> (Login to Thinkific)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>iPipeline\u003C\u002Fstrong> (Login to iPipeline)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Higher Logic\u003C\u002Fstrong> (Login to HigherLogic)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mendix\u003C\u002Fstrong> (Login to Mendix)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-zendesk-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>Zendesk\u003C\u002Fstrong>\u003C\u002Fa> (Login to Zendesk)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-linkedin-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>LinkedIn Learning\u003C\u002Fstrong>\u003C\u002Fa> (Login to LinkedIn Learning)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tiled\u003C\u002Fstrong> (Login to Tiled)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-bluejeans-single-sign-on-sso-login\" rel=\"nofollow ugc\">\u003Cstrong>BlueJeans\u003C\u002Fstrong>\u003C\u002Fa> (Login to BlueJeans)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LifeRay\u003C\u002Fstrong> (Login to LifeRay)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SAP Litmos\u003C\u002Fstrong> (Login to SAP Litmos)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MindGarden\u003C\u002Fstrong> (Login to MindGarden)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Learnworlds\u003C\u002Fstrong> (Login to Learnworlds)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Documoto\u003C\u002Fstrong> (Login to Documoto) – \u003Cem>Requires \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">Premium version\u003C\u002Fa>\u003C\u002Fem>\u003Cbr \u002F>\nand practically any SAML compliant Service Provider.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Note\u003C\u002Fstrong> : \u003Cem>Some Service Providers require additional attributes to configure SSO. This is a Premium feature. Feel free to ask us for a trial version of the Premium plugin to test the SSO. Reach out to us using the Support form in the plugin or simply send us a mail at \u003Ca href=\"mailto:wpidpsupport@xecurify.com\" rel=\"nofollow ugc\">wpidpsupport@xecurify.com\u003C\u002Fa>.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>To know more about the plugin and how to Login with WordPress, please visit \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp\" rel=\"nofollow ugc\">this\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Cp>If you are looking to SSO into your WordPress site with any SAML compliant Identity Provider then we have a separate plugin for that. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fminiorange-saml-20-single-sign-on\u002F\" rel=\"ugc\"> Click Here \u003C\u002Fa> to learn more.\u003C\u002Fp>\n\u003Cp>If you require any Single Sign On application or need any help with installing this plugin, please feel free to email us at \u003Ca href=\"mailto:wpidpsupport@xecurify.com\" rel=\"nofollow ugc\">wpidpsupport@xecurify.com\u003C\u002Fa>. You can also submit your query from plugin’s configuration page.\u003C\u002Fp>\n\u003Ch4>Special Use-Cases :\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Tableau views inside your WordPress site\u003C\u002Fstrong> – Now your users can see Tableau views inside your WordPress site without the user ever leaving your site! miniOrange WordPress SAML IDP plugin can make that happen and make it look seamless! Login with WordPress User into Tableau.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Zoom SSO\u003C\u002Fstrong> – Allow \u002F Restrict access to your Zoom meetings and webinars. Only allow your WordPress users to join Zoom meetings and webinars.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Freshdesk SSO for Agents and Contacts\u003C\u002Fstrong> – Your customers can now SSO from your WordPress site into Freshdesk without entering the credentials again! Login with WordPress User into Freshdesk.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Login with WordPress users into Cognito\u003C\u002Fstrong> – You can add WordPress as an external SAML Identity Provider in AWS Cognito. This will allow your WordPress users to login to Cognito using their WordPress credentials! Login with WordPress User into AWS SSO Cognito.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress & LMS SSO\u003C\u002Fstrong> – Most of the LMS out there (Moodle LMS integration, Absorb LMS, Canvas LMS SSO, TalentLMS, Flagship LMS, etc) support SAML Single Sign-On. Now, you can advertise your courses on your WordPress site, and log the user in into your LMS automatically without having to enter the credentials again. Login with WordPress User into Moodle LMS integration \u002F Absorb LMS \u002F Canvas LMS \u002F TalentLMS \u002F Flagship LMS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Salesforce Object Sync\u003C\u002Fstrong> – Sync WordPress data with Salesforce data using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fobject-data-sync-for-salesforce\u002F\" rel=\"ugc\">Object Data Sync for Salesforce\u003C\u002Fa> plugin. Our \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-object-sync-for-salesforce\" rel=\"nofollow ugc\">WordPress Salesforce data sync\u003C\u002Fa> plugin works in tandem with the WordPress SAML IDP plugin to facilitate seamless WP Salesforce login, and also \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fsync-salesforce-objects-to-wordpress\" rel=\"nofollow ugc\">syncs all WordPress object data with Salesforce object data\u003C\u002Fa> in Salesforce using Apex triggers on the Salesforce side. Know more about our WordPress Salesforce Object Sync plugin by reaching out to us at \u003Ca href=\"mailto:wpidpsupport@xecurify.com\" rel=\"nofollow ugc\">wpidpsupport@xecurify.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>These are some of the most requested use-cases out of hundreds of use-cases that are supported by our plugin!\u003C\u002Fp>\n\u003Ch4>Key Features :-\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Login with WordPress to any SAML 2.0 or WS-FED or JWT compliant Service Provider like Tableau Online, Tableau Server, Tableau Cloud, Panopto, Zoho SAML SSO\u002FZoho CRM\u002FZoho One, Freshdesk, Moodle LMS integration, miniOrange, Thinkific, Canvas LMS, Absorb LMS, TalentLMS, iPipeline, Mendix, NextCloud, Hubspot, HigherLogic, Zendesk, LinkedIn Learning, Tiled, BlueJeans, SAP Litmos, LifeRay, MindGarden, Zoom, AWS SSO Cognito, WordPress, Documoto, etc. using your WordPress site credentials.\u003C\u002Fli>\n\u003Cli>Single Sign-On (SSO)\u003Cbr \u002F>\nEasy, secure, and seamless access to any SAML 2.0, WS-FED, or JWT applications with a single login i.e. Login with wordpress users \u002F authenticate users into applications using WordPress credentials.\u003C\u002Fli>\n\u003Cli>Single Logout\u003Cbr \u002F>\nTerminate user’s Single Sign-On session on WordPress as well as on Service Provider applications, when the user logs out of your WP site or any configured Service Provider application. (Premium Feature)\u003C\u002Fli>\n\u003Cli>Widget\u002FShortcode to add SP Login\u003Cbr \u002F>\nAdd a link or button anywhere on your WordPress site, acting as an Identity Provider, to allow IDP initiated SSO into your single or multiple applications.\u003C\u002Fli>\n\u003Cli>Easily configure the Identity Provider by providing just the Issuer, ACS URL and NameID format.\u003C\u002Fli>\n\u003Cli>Multisite Support\u003Cbr \u002F>\nSupports configuring WordPress Multisite Network installation as an Identity Provider, allowing users to SSO login into Service Provider applications using WordPress Multisite credentials. (Premium Feature)\u003C\u002Fli>\n\u003Cli>Use the IDP Metadata XML file \u002F URL to instantly configure your Service Provider.\u003C\u002Fli>\n\u003Cli>We regularly update the X.509 certificate so that you have the most secure WordPress SSO login experience.\u003C\u002Fli>\n\u003Cli>Multiple SPs Supported\u003Cbr \u002F>\nAllow users to Single Sign-On into multiple applications at once by configuring multiple Service Providers (SP) with WordPress as the Identity Provider (IDP). (Premium Feature)\u003C\u002Fli>\n\u003Cli>Make user login more secure by signing and encrypting responses to Service Provider (Premium feature).\u003C\u002Fli>\n\u003Cli>Use the Attribute & Role Mapping feature to map WordPress user profile attributes to your SP attributes, and send roles assigned to users from your WordPress site to your Service Provider (Premium feature).\u003C\u002Fli>\n\u003Cli>Custom Login Page\u003Cbr \u002F>\nSupports custom login page and custom registration page along with the default WordPress login page to allow users to sign up themselves in WordPress (Premium feature).\u003C\u002Fli>\n\u003Cli>SAML Request Verification & Response Encryption\u003Cbr \u002F>\nSecures transactions of user profile information from WordPress to Service Providers using signature verification and assertion encryption in SAML Response.\u003C\u002Fli>\n\u003Cli>Embed Panopto\u003Cbr \u002F>\nEmbedding Panopto video content into your WordPress Site.\u003C\u002Fli>\n\u003Cli>Tableau Embed\u003Cbr \u002F>\nTableua Embed effortlessly embeds interactive Tableau visualizations and graphs directly into your WordPress pages and posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need OAuth or OIDC Instead of SAML? :\u003C\u002Fh4>\n\u003Cp>If your integration requirements are based on the OAuth\u002FOIDC protocols, you can explore our \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\u002Fwp-oauth-server?utm_source=readme&utm_medium=oauth_server_lp&utm_campaign=server_plugin\" rel=\"nofollow ugc\">WordPress OAuth Server plugin\u003C\u002Fa>. It allows WordPress to act as an authorization server and supports Single Sign On for applications that use OAuth 2.0, which is particularly well-suited for mobile, API-driven, and modern cloud environments where lightweight token-based authentication is preferred.\u003C\u002Fp>\n\u003Ch4>Website –\u003C\u002Fh4>\n\u003Cp>Check out our website for other plugins \u003Ca href=\"https:\u002F\u002Fplugins.miniorange.com\" rel=\"nofollow ugc\">https:\u002F\u002Fplugins.miniorange.com\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch.php?q=miniorange\" rel=\"ugc\">click here\u003C\u002Fa> to see all our listed WordPress plugins.\u003Cbr \u002F>\nFor more support or info email us at \u003Ca href=\"mailto:wpidpsupport@xecurify.com\" rel=\"nofollow ugc\">wpidpsupport@xecurify.com\u003C\u002Fa>. You can also submit your query from the plugin’s configuration page.\u003C\u002Fp>\n","Single sign on (SSO) login with WordPress Users into any Service Provider like Tableau, Thinkific, Zoom, Moodle LMS, Canvas LMS, Absorb LMS, TalentLMS",600,35294,96,60,"2026-03-25T12:25:00.000Z","4.8","5.6",[52,53,54,22,55],"login-with-wordpress","saml-idp","saml-idp-sso","tableau","https:\u002F\u002Fplugins.miniorange.com\u002Fwordpress-saml-idp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminiorange-wp-as-saml-idp.1.16.6.zip",98,2,"2024-11-15 20:41:13",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":25,"num_ratings":31,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":77,"download_link":78,"security_score":79,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"yubikey","Yubikey","1.0.1","Kieran O'Shea","https:\u002F\u002Fprofiles.wordpress.org\u002Fkieranoshea\u002F","\u003Cp>This plugin dramatically enhances the security of your WordPress website by adding Multi Factor Authentication (MFA) in the form of One Time Passwords (OTP)\u003Cbr \u002F>\nusing \u003Ca href=\"https:\u002F\u002Fwww.yubico.com\u002F\" rel=\"nofollow ugc\">Yubikey USB Tokens\u003C\u002Fa>. In addition to providing your username and password to login, this plugin requests an OTP code\u003Cbr \u002F>\ngenerated by a Yubikey, validates this via an API and only grants access if this check passes. The requirement to use an OTP can be set on a user by user\u003Cbr \u002F>\nbasis and there is also a feature to require users above a certain privilege level to always use OTP.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to an API to validate the OTP tokens generated by your security key. This is required because storing the private keys\u003Cbr \u002F>\non the same web server as the site you wish to protect would be a security risk.\u003C\u002Fp>\n\u003Cp>By default Yubico’s own validation server is employed, although you may setup your own server and use this instead\u003C\u002Fp>\n\u003Cp>The default Yubico API only collects the one time password (OTP) data as provided by your security key when you login. The service validates this\u003Cbr \u002F>\nand then stores this token as “used” so it may not be replayed as part of an attack. It does not collect any other data (such as what URL is being\u003Cbr \u002F>\nauthenticated using the key etc.)\u003C\u002Fp>\n\u003Cp>This service is provided by “Yubico AB”: \u003Ca href=\"https:\u002F\u002Fwww.yubico.com\u002Fsupport\u002Fterms-conditions\u002Fprivacy-notice\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.yubico.com\u002Fsupport\u002Fterms-conditions\u002Fyubico-website-terms-conditions\u002F\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa>\u003C\u002Fp>\n","Enhanced login security for WordPress by requiring the presentation of a One Time Password (OTP) from a registered Yubikey",40,1017,"2025-05-09T07:32:00.000Z","6.8.5","5.2","",[18,19,20,76,62],"security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fyubikey\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyubikey.1.0.1.zip",92,{"slug":81,"name":82,"version":64,"author":81,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":11,"num_ratings":11,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":91,"tags":92,"homepage":74,"download_link":95,"security_score":79,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"logto","Logto – User Authentication and Authorization","https:\u002F\u002Fprofiles.wordpress.org\u002Flogto\u002F","\u003Cp>Thank you for choosing \u003Ca href=\"https:\u002F\u002Flogto.io\u002F?ref=wpp\" rel=\"nofollow ugc\">Logto\u003C\u002Fa>! By integrating Logto into your WordPress site, you are not only enhancing the security and user experience of your site, but also enabling a unified login experience across all your applications.\u003C\u002Fp>\n\u003Ch3>Why Logto?\u003C\u002Fh3>\n\u003Cp>Logto is an open-source Auth0 alternative and a modern authentication and authorization solution for all your applications, including your WordPress sites. With Logto, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable passwordless login, social login, single sign-on (SSO), and multi-factor authentication (MFA) for your WordPress site.\u003C\u002Fli>\n\u003Cli>Use role-based access control (RBAC) to manage user permissions.\u003C\u002Fli>\n\u003Cli>Support generic OAuth2, OpenID Connect, and SAML protocols.\u003C\u002Fli>\n\u003Cli>Customize the login and registration pages to match your brand.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, Logto offers dozens of out-of-the-box integrations with popular social login providers, including Google, GitHub, Entra ID (Azure AD), Facebook, and more. Check out the \u003Ca href=\"https:\u002F\u002Fdocs.logto.io\u002Fintegrations\" rel=\"nofollow ugc\">full list of built-in integrations and social login providers\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Get started\u003C\u002Fh3>\n\u003Cp>If you are new to Logto, we recommend checking out our \u003Ca href=\"https:\u002F\u002Fdocs.logto.io\u002F\" rel=\"nofollow ugc\">introduction page\u003C\u002Fa> to have a quick overview of Logto concepts and features.\u003C\u002Fp>\n\u003Cp>If you are looking for a step-by-step guide to set up Logto, please refer to our \u003Ca href=\"https:\u002F\u002Fdocs.logto.io\u002Fquick-start\u002Fwordpress-plugin\" rel=\"nofollow ugc\">WordPress plugin quick start guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you have any questions or feedback, please feel free to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdiscord.com\u002Finvite\u002FUEPaF3j5e6\" rel=\"nofollow ugc\">Join our Discord server\u003C\u002Fa> to get help from the community.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flogto-io\u002Fwordpress\u002Fissues\" rel=\"nofollow ugc\">Open an issue on GitHub\u003C\u002Fa> to report bugs or request features.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Flogto.io\u002F\" rel=\"nofollow ugc\">Subscribe to a paid plan\u003C\u002Fa> to get access to official support and more features.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>From WordPress admin panel\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Plugins\u003C\u002Fstrong> > \u003Cstrong>Add New\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Search for “Logto”.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Install Now\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Activate\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings\u003C\u002Fstrong> > \u003Cstrong>Logto\u003C\u002Fstrong> to configure the plugin.\u003C\u002Fli>\n\u003Cli>Follow the \u003Ca href=\"https:\u002F\u002Fdocs.logto.io\u002Fquick-start\u002Fwordpress-plugin\" rel=\"nofollow ugc\">quick start guide\u003C\u002Fa> to set up Logto.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>From WordPress.org\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Search for “Logto” in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F\" rel=\"ugc\">WordPress.org plugin directory\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Download the plugin ZIP file.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Plugins\u003C\u002Fstrong> > \u003Cstrong>Add New\u003C\u002Fstrong> in your WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Upload Plugin\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Select the downloaded ZIP file and click \u003Cstrong>Install Now\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Activate\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings\u003C\u002Fstrong> > \u003Cstrong>Logto\u003C\u002Fstrong> to configure the plugin.\u003C\u002Fli>\n\u003Cli>Follow the \u003Ca href=\"https:\u002F\u002Fdocs.logto.io\u002Fquick-start\u002Fwordpress-plugin\" rel=\"nofollow ugc\">quick start guide\u003C\u002Fa> to set up Logto.\u003C\u002Fli>\n\u003C\u002Fol>\n","Enable beautiful and secure user authentication, including passwordless, social login, single sign-on, multi-factor authentication (MFA), and more.",20,923,"2025-04-02T19:09:00.000Z","6.7.5","6.0","8.1",[18,93,94,21,22],"oauth","oidc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogto.1.0.1.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":11,"num_ratings":11,"last_updated":106,"tested_up_to":14,"requires_at_least":107,"requires_php":108,"tags":109,"homepage":111,"download_link":112,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":113},"authress","SSO Login – Universal (OAuth + SAML)","0.2.107","Authress","https:\u002F\u002Fprofiles.wordpress.org\u002Fauthress\u002F","\u003Cp>This plugin upgrades the standard \u003Cstrong>WordPress login\u003C\u002Fstrong> forms with one powered by \u003Ca href=\"https:\u002F\u002Fauthress.io\" rel=\"nofollow ugc\">Authress\u003C\u002Fa> that enables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Universal authentication\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Over 40 social login providers\u003C\u002Fli>\n\u003Cli>Enterprise connections (SAML, Office 365, Google Apps, and more)\u003C\u002Fli>\n\u003Cli>Customer configurable SSO connections\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra secure\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>User identity\u003C\u002Fli>\n\u003Cli>Security access policies\u003C\u002Fli>\n\u003Cli>Mitigate brute force attacks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Which includes:\u003Cbr \u002F>\n– Azure AD and B2C\u003Cbr \u002F>\n– Office 365\u003Cbr \u002F>\n– WSO2\u003Cbr \u002F>\n– Ping Identity\u003Cbr \u002F>\n– Okta\u003Cbr \u002F>\n– Auth0\u003Cbr \u002F>\n– Keyclock\u003Cbr \u002F>\n– LinkedIn\u003Cbr \u002F>\n– Salesforce\u003Cbr \u002F>\n– Twitter\u003Cbr \u002F>\n– Google Workspace\u003Cbr \u002F>\n– Yahoo\u003Cbr \u002F>\n– Salesforce\u003Cbr \u002F>\n– Hubspot\u003Cbr \u002F>\n– Steam\u003Cbr \u002F>\n– Slack\u003Cbr \u002F>\n– And any custom OAuth2.1, OpenID, or SAML provider\u003C\u002Fp>\n\u003Cp>With \u003Cstrong>SSO Login\u003C\u002Fstrong>, you can automatically support business and enterprise customers that have important security requirements for their users to use your site and platform.\u003C\u002Fp>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cp>By using this plugin you are delegating the site authentication and profile handling to Authress. That means that you won’t need to use the WordPress database to authenticate users and the default WordPress login forms will be upgraded to support the new SSO Login flow.\u003C\u002Fp>\n\u003Cp>Please see our \u003Ca href=\"https:\u002F\u002Fauthress.io\u002Fknowledge-base\u002F\" rel=\"nofollow ugc\">knowledge base\u003C\u002Fa> for more information on how Authress authenticates and manages your users.\u003C\u002Fp>\n\u003Ch4>Migrating Existing Users\u003C\u002Fh4>\n\u003Cp>Authress allows multiple authentication providers. You can have social providers like Facebook, Twitter, Google+, a database of users and passwords (just like WordPress), or you can use an Enterprise directories like, Office365, Google Apps, SAML, OpenID, OAuth2.1. All those authentication providers are supported and more.\u003C\u002Fp>\n\u003Ch3>How to customize this plugin\u003C\u002Fh3>\n\u003Cp>This plugin provides extension points to make it easier to configure it exactly as you need. Check out the full docs:\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FAuthress\u002Fwordpress-sso-login\u002Fblob\u002Fmain\u002Fdocs\u002Fcustomizations.md\" rel=\"nofollow ugc\">SSO Login customizations\u003C\u002Fa>\u003C\u002Fp>\n","SSO Login provides user login, business authentication, SSO, Social login, and Single Sign-On for all sites.",10,5248,"2025-11-29T18:03:00.000Z","5.5","8.2",[18,93,21,110,22],"single-sign-on","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauthress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthress.0.2.107.zip","2026-04-06T09:54:40.288Z",{"slug":115,"name":116,"version":64,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":11,"downloaded":121,"rating":25,"num_ratings":31,"last_updated":122,"tested_up_to":72,"requires_at_least":15,"requires_php":123,"tags":124,"homepage":126,"download_link":127,"security_score":79,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":113},"frontegg-saml-sso","Frontegg SAML SSO","Frontegg","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrontegg\u002F","\u003Cp>Frontegg SAML SSO replaces the default WordPress login and logout experiences with seamless SAML authentication via \u003Ca href=\"https:\u002F\u002Ffrontegg.com\" rel=\"nofollow ugc\">Frontegg\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is designed for modern SaaS and enterprise WordPress environments where you need to enforce login via an external identity provider (IdP).\u003C\u002Fp>\n\u003Cp>It includes:\u003Cbr \u002F>\n– 🔐 Secure SAML 2.0 login and logout\u003Cbr \u002F>\n– 📋 Admin-friendly configuration of SSO URLs and certificate\u003Cbr \u002F>\n– 📎 Auto-generated SP (Service Provider) values (Entity ID, ACS URL, SLO URL)\u003Cbr \u002F>\n– 🧭 Redirect control after logout\u003Cbr \u002F>\n– 🔄 Auto-redirects from \u003Ccode>wp-login.php\u003C\u002Fcode> to Frontegg\u003Cbr \u002F>\n– ✨ Clean and accessible admin UI using native WordPress components\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL v2.0 or later. See LICENSE.txt for details.\u003C\u002Fp>\n","Replace the WordPress login and logout flows with secure SAML-based authentication via Frontegg. Easily configure your SSO app from the admin panel.",342,"2025-04-23T23:01:00.000Z","7.4",[125,18,21,110,22],"authentication","https:\u002F\u002Ffrontegg.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffrontegg-saml-sso.zip",{"attackSurface":129,"codeSignals":248,"taintFlows":348,"riskAssessment":468,"analyzedAt":478},{"hooks":130,"ajaxHandlers":224,"restRoutes":244,"shortcodes":245,"cronEvents":246,"entryPointCount":247,"unprotectedCount":247},[131,137,141,146,151,153,156,159,161,164,167,171,175,179,183,188,193,196,199,202,205,207,209,213,217,221],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_menu","addAdminMenu","inc\\Api\\SettingsApi.php",23,{"type":132,"name":138,"callback":139,"file":135,"line":140},"admin_init","registerCustomFields",27,{"type":132,"name":142,"callback":143,"file":144,"line":145},"admin_enqueue_scripts","enqueue","inc\\Base\\Enqueue.php",12,{"type":132,"name":147,"callback":148,"file":149,"line":150},"admin_footer","closure","inc\\functions.php",903,{"type":132,"name":147,"callback":148,"file":149,"line":152},964,{"type":132,"name":142,"callback":154,"file":149,"line":155},"enqueue_email_script",1012,{"type":132,"name":142,"callback":157,"file":149,"line":158},"enqueue_password_script",1015,{"type":132,"name":138,"callback":148,"file":149,"line":160},1073,{"type":132,"name":162,"callback":148,"file":149,"line":163},"shutdown",1079,{"type":132,"name":165,"callback":148,"file":149,"line":166},"admin_notices",1113,{"type":132,"name":138,"callback":168,"file":169,"line":170},"handle_csv_export","inc\\Pages\\Admin.php",22,{"type":132,"name":172,"callback":173,"file":169,"line":174},"init","initialize_custom_filters",80,{"type":132,"name":176,"callback":177,"file":169,"line":178},"admin_post_upload_metadata","handle_metadata_upload",81,{"type":132,"name":180,"callback":181,"file":169,"line":182},"admin_post_download_sp_metadata","rainbow_secure_saml_metadata_download",83,{"type":184,"name":185,"callback":186,"priority":31,"file":169,"line":187},"filter","upload_mimes","add_custom_upload_mimes",149,{"type":132,"name":189,"callback":190,"file":191,"line":192},"wp_enqueue_scripts","rainbow_secure_enqueue_styles","inc\\validate.php",28,{"type":132,"name":172,"callback":194,"file":195,"line":79},"rainbow_secure_saml_load_translations","rainbow-secure.php",{"type":132,"name":172,"callback":197,"priority":31,"file":195,"line":198},"rainbow_secure_saml_checker",95,{"type":132,"name":172,"callback":200,"priority":31,"file":195,"line":201},"rainbow_secure_saml_slo",107,{"type":132,"name":172,"callback":203,"priority":31,"file":195,"line":204},"rainbow_secure_saml_sso",111,{"type":132,"name":172,"callback":203,"priority":31,"file":195,"line":206},128,{"type":132,"name":172,"callback":203,"priority":31,"file":195,"line":208},141,{"type":184,"name":210,"callback":211,"file":195,"line":212},"login_message","rainbow_secure_saml_custom_login_footer",143,{"type":132,"name":214,"callback":215,"priority":31,"file":195,"line":216},"register_form","saml_user_register",148,{"type":132,"name":218,"callback":219,"priority":104,"file":195,"line":220},"login_enqueue_scripts","rainbow_secure_enqueue_script",156,{"type":132,"name":142,"callback":222,"file":195,"line":223},"rainbow_secure_enqueue_modal_scripts",190,[225,231,234,237,240],{"action":226,"nopriv":227,"callback":228,"hasNonce":227,"hasCapCheck":227,"file":229,"line":230},"fetch_subscription_data",false,"handle","inc\\Api\\Ajax\\FetchSubscriptionDataHandler.php",8,{"action":232,"nopriv":227,"callback":228,"hasNonce":227,"hasCapCheck":227,"file":233,"line":230},"request_otp_api1","inc\\Api\\Ajax\\OtpAjaxHandler.php",{"action":235,"nopriv":227,"callback":228,"hasNonce":227,"hasCapCheck":227,"file":236,"line":230},"check_user_subscription_limit","inc\\Api\\Ajax\\SubscriptionCheckAjaxHandler.php",{"action":238,"nopriv":227,"callback":228,"hasNonce":227,"hasCapCheck":227,"file":239,"line":230},"sync_users_api2","inc\\Api\\Ajax\\SyncUsersAjaxHandler.php",{"action":241,"nopriv":227,"callback":242,"hasNonce":227,"hasCapCheck":227,"file":149,"line":243},"rainbow_send_activity_email","rainbow_send_activity_email_callback",1214,[],[],[],5,{"dangerousFunctions":249,"sqlUsage":250,"outputEscaping":252,"fileOperations":59,"externalRequests":230,"nonceChecks":338,"capabilityChecks":339,"bundledLibraries":340},[],{"prepared":59,"raw":11,"locations":251},[],{"escaped":253,"rawEcho":254,"locations":255},118,43,[256,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,309,311,313,315,316,318,319,320,321,323,325,327,329,330,332,335,336],{"file":257,"line":258,"context":259},"inc\\Api\\Callbacks\\AdminCallbacks.php",62,"raw output",{"file":149,"line":261,"context":259},16,{"file":149,"line":263,"context":259},290,{"file":149,"line":265,"context":259},294,{"file":149,"line":267,"context":259},303,{"file":149,"line":269,"context":259},321,{"file":149,"line":271,"context":259},324,{"file":149,"line":273,"context":259},327,{"file":149,"line":275,"context":259},420,{"file":149,"line":277,"context":259},482,{"file":149,"line":279,"context":259},586,{"file":149,"line":281,"context":259},630,{"file":149,"line":283,"context":259},632,{"file":149,"line":285,"context":259},857,{"file":149,"line":287,"context":259},877,{"file":149,"line":289,"context":259},931,{"file":149,"line":291,"context":259},1140,{"file":191,"line":293,"context":259},13,{"file":191,"line":295,"context":259},36,{"file":191,"line":297,"context":259},42,{"file":191,"line":299,"context":259},44,{"file":191,"line":301,"context":259},45,{"file":191,"line":303,"context":259},46,{"file":191,"line":305,"context":259},55,{"file":191,"line":307,"context":259},57,{"file":191,"line":258,"context":259},{"file":191,"line":310,"context":259},67,{"file":191,"line":312,"context":259},69,{"file":191,"line":314,"context":259},76,{"file":191,"line":174,"context":259},{"file":191,"line":317,"context":259},85,{"file":191,"line":79,"context":259},{"file":191,"line":33,"context":259},{"file":191,"line":58,"context":259},{"file":191,"line":322,"context":259},102,{"file":191,"line":324,"context":259},121,{"file":191,"line":326,"context":259},124,{"file":191,"line":328,"context":259},131,{"file":191,"line":216,"context":259},{"file":191,"line":331,"context":259},152,{"file":333,"line":334,"context":259},"templates\\activation-key.php",14,{"file":333,"line":261,"context":259},{"file":337,"line":295,"context":259},"templates\\admin.php",3,4,[341,344],{"name":342,"version":26,"knownCves":343},"DataTables",[],{"name":345,"version":346,"knownCves":347},"jQuery","3.4.1",[],[349,366,384,394,412,424,447,457],{"entryPoint":350,"graph":351,"unsanitizedCount":31,"severity":365},"rainbow_secure_saml_custom_login_footer (inc\\functions.php:94)",{"nodes":352,"edges":363},[353,357],{"id":354,"type":355,"label":356,"file":149,"line":201},"n0","source","$_GET",{"id":358,"type":359,"label":360,"file":149,"line":361,"wp_function":362},"n1","sink","echo() [XSS]",108,"echo",[364],{"from":354,"to":358,"sanitized":227},"medium",{"entryPoint":367,"graph":368,"unsanitizedCount":31,"severity":365},"handle_metadata_upload (inc\\Pages\\Admin.php:417)",{"nodes":369,"edges":381},[370,373,376],{"id":354,"type":355,"label":371,"file":169,"line":372},"$_FILES",452,{"id":358,"type":374,"label":375,"file":169,"line":372},"transform","→ process_metadata_file()",{"id":377,"type":359,"label":378,"file":169,"line":379,"wp_function":380},"n2","file_get_contents() [SSRF\u002FLFI]",465,"file_get_contents",[382,383],{"from":354,"to":358,"sanitized":227},{"from":358,"to":377,"sanitized":227},{"entryPoint":385,"graph":386,"unsanitizedCount":31,"severity":365},"\u003CAdmin> (inc\\Pages\\Admin.php:0)",{"nodes":387,"edges":391},[388,389,390],{"id":354,"type":355,"label":371,"file":169,"line":372},{"id":358,"type":374,"label":375,"file":169,"line":372},{"id":377,"type":359,"label":378,"file":169,"line":379,"wp_function":380},[392,393],{"from":354,"to":358,"sanitized":227},{"from":358,"to":377,"sanitized":227},{"entryPoint":395,"graph":396,"unsanitizedCount":11,"severity":411},"rainbow_secure_saml_acs (inc\\functions.php:254)",{"nodes":397,"edges":407},[398,401,403],{"id":354,"type":355,"label":399,"file":149,"line":400},"$_REQUEST (x2)",284,{"id":358,"type":374,"label":402,"file":149,"line":400},"→ rainbow_secure_redirect_to_relaystate_if_trusted()",{"id":377,"type":359,"label":404,"file":149,"line":405,"wp_function":406},"wp_redirect() [Open Redirect]",53,"wp_redirect",[408,409],{"from":354,"to":358,"sanitized":227},{"from":358,"to":377,"sanitized":410},true,"low",{"entryPoint":413,"graph":414,"unsanitizedCount":11,"severity":411},"rainbow_secure_saml_sls (inc\\functions.php:547)",{"nodes":415,"edges":421},[416,419,420],{"id":354,"type":355,"label":417,"file":149,"line":418},"$_REQUEST['RelayState']",579,{"id":358,"type":374,"label":402,"file":149,"line":418},{"id":377,"type":359,"label":404,"file":149,"line":405,"wp_function":406},[422,423],{"from":354,"to":358,"sanitized":227},{"from":358,"to":377,"sanitized":410},{"entryPoint":425,"graph":426,"unsanitizedCount":11,"severity":411},"\u003Cfunctions> (inc\\functions.php:0)",{"nodes":427,"edges":441},[428,429,430,431,433,435,437,439],{"id":354,"type":355,"label":356,"file":149,"line":201},{"id":358,"type":359,"label":360,"file":149,"line":361,"wp_function":362},{"id":377,"type":355,"label":399,"file":149,"line":400},{"id":432,"type":374,"label":402,"file":149,"line":400},"n3",{"id":434,"type":359,"label":404,"file":149,"line":405,"wp_function":406},"n4",{"id":436,"type":355,"label":417,"file":149,"line":418},"n5",{"id":438,"type":374,"label":402,"file":149,"line":418},"n6",{"id":440,"type":359,"label":404,"file":149,"line":405,"wp_function":406},"n7",[442,443,444,445,446],{"from":354,"to":358,"sanitized":410},{"from":377,"to":432,"sanitized":227},{"from":432,"to":434,"sanitized":410},{"from":436,"to":438,"sanitized":227},{"from":438,"to":440,"sanitized":410},{"entryPoint":448,"graph":449,"unsanitizedCount":11,"severity":411},"\u003Cadmin> (templates\\admin.php:0)",{"nodes":450,"edges":455},[451,454],{"id":354,"type":355,"label":452,"file":337,"line":453},"$_GET['message']",21,{"id":358,"type":359,"label":360,"file":337,"line":453,"wp_function":362},[456],{"from":354,"to":358,"sanitized":410},{"entryPoint":458,"graph":459,"unsanitizedCount":11,"severity":411},"\u003Ccustomize-actions> (templates\\customize-actions.php:0)",{"nodes":460,"edges":466},[461,463],{"id":354,"type":355,"label":371,"file":462,"line":192},"templates\\customize-actions.php",{"id":358,"type":359,"label":464,"file":462,"line":254,"wp_function":465},"update_option() [Settings Manipulation]","update_option",[467],{"from":354,"to":358,"sanitized":410},{"summary":469,"deductions":470},"The 'rainbow-secure' plugin version 1.3.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices with all SQL queries utilizing prepared statements and a relatively high percentage of output escaping. The absence of recorded historical vulnerabilities and CVEs is also a strong indicator of a historically well-maintained codebase. However, a significant concern arises from the substantial attack surface presented by its AJAX handlers. All five AJAX handlers lack authentication checks, making them direct entry points for potential attackers. While taint analysis did not reveal critical or high-severity unsanitized flows, the presence of three flows with unsanitized paths warrants attention. This, combined with the unprotected AJAX endpoints, suggests a risk of unauthorized actions or data manipulation if these flows can be triggered through the exposed handlers. The plugin also performs file operations and external HTTP requests, which, without proper validation or sanitization tied to the unprotected AJAX endpoints, could introduce further vulnerabilities.",[471,473,476],{"reason":472,"points":104},"Unprotected AJAX handlers",{"reason":474,"points":475},"Flows with unsanitized paths",6,{"reason":477,"points":338},"Bundled outdated jQuery v3.4.1","2026-03-17T05:46:18.031Z",{"wat":480,"direct":507},{"assetPaths":481,"generatorPatterns":493,"scriptPaths":494,"versionParams":495},[482,483,484,485,486,487,488,489,490,491,492],"\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fhide-login-form.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fmodal.css","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fmodal.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002Fbootstrap.bundle.min.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002Fpopper.min.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fcss\u002FdataTables.bootstrap5.min.css","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002FdataTables.min.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002FdataTables.bootstrap5.min.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002Fdatatable-init.js","\u002Fwp-content\u002Fplugins\u002Frainbow-secure\u002Fassets\u002Fjs\u002Fsend-activity-email.js",[],[482,484,486,487,489,490,491,492],[496,497,498,499,500,501,502,503,504,505,506],"rainbow-secure\u002Fassets\u002Fhide-login-form.js?ver=","rainbow-secure\u002Fassets\u002Fmodal.css?ver=","rainbow-secure\u002Fassets\u002Fmodal.js?ver=","rainbow-secure\u002Fassets\u002Fcss\u002Fbootstrap.min.css?ver=","rainbow-secure\u002Fassets\u002Fjs\u002Fbootstrap.bundle.min.js?ver=","rainbow-secure\u002Fassets\u002Fjs\u002Fpopper.min.js?ver=","rainbow-secure\u002Fassets\u002Fcss\u002FdataTables.bootstrap5.min.css?ver=","rainbow-secure\u002Fassets\u002Fjs\u002FdataTables.min.js?ver=","rainbow-secure\u002Fassets\u002Fjs\u002FdataTables.bootstrap5.min.js?ver=","rainbow-secure\u002Fassets\u002Fjs\u002Fdatatable-init.js?ver=","rainbow-secure\u002Fassets\u002Fjs\u002Fsend-activity-email.js?ver=",{"cssClasses":508,"htmlComments":510,"htmlAttributes":513,"restEndpoints":514,"jsGlobals":516,"shortcodeOutput":518},[509],"rainbow-secure-dataTables-bootstrap5-min-css",[511,512,512,512,512],"\u003C!-- added -->","\u003C!--added-->",[],[515],"\u002Fwp-json\u002Frainbow-secure\u002Fv1\u002Fajax",[517],"rainbowSecure",[],{"error":410,"url":520,"statusCode":521,"statusMessage":522,"message":522},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Frainbow-secure\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":339,"versions":524},[525,532,539,546],{"version":526,"download_url":527,"svn_tag_url":528,"released_at":26,"has_diff":227,"diff_files_changed":529,"diff_lines":26,"trac_diff_url":530,"vulnerabilities":531,"is_current":227},"1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frainbow-secure.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frainbow-secure\u002Ftags\u002F1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frainbow-secure%2Ftags%2F1.2&new_path=%2Frainbow-secure%2Ftags%2F1.3",[],{"version":533,"download_url":534,"svn_tag_url":535,"released_at":26,"has_diff":227,"diff_files_changed":536,"diff_lines":26,"trac_diff_url":537,"vulnerabilities":538,"is_current":227},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frainbow-secure.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frainbow-secure\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frainbow-secure%2Ftags%2F1.1&new_path=%2Frainbow-secure%2Ftags%2F1.2",[],{"version":540,"download_url":541,"svn_tag_url":542,"released_at":26,"has_diff":227,"diff_files_changed":543,"diff_lines":26,"trac_diff_url":544,"vulnerabilities":545,"is_current":227},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frainbow-secure.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frainbow-secure\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Frainbow-secure%2Ftags%2F1.0&new_path=%2Frainbow-secure%2Ftags%2F1.1",[],{"version":547,"download_url":548,"svn_tag_url":549,"released_at":26,"has_diff":227,"diff_files_changed":550,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":551,"is_current":227},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frainbow-secure.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Frainbow-secure\u002Ftags\u002F1.0\u002F",[],[]]