EPSS
Percentile
53.4%
Cross-Site Scripting (XSS) vulnerability discovered by Zeroauth in WordPress SAML SP Single Sign On plugin (versions <= 4.8.83).
Update the WordPress SAML SP Single Sign On plugin to the latest available version (at least 4.8.84).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6850
wordpress.org/plugins/miniorange-saml-20-single-sign-on/#developers
zeroauth.ltd/blog/2020/01/28/cve-2020-6850-miniorange-saml-wp-plugin-before-4-8-84-is-vulnerable-to-xss-via-a-specially-crafted-saml-xml-response/