CVE-2022-4496: 
WordPress vulnerability analysis and mitigation

CVE-2022-4496 is a security vulnerability affecting multiple versions of the SAML SSO WordPress plugins developed by miniOrange. Specifically, it impacts the SAML SSO Standard WordPress plugin (versions 16.0.0 to 16.0.8), SAML SSO Premium WordPress plugin (versions 12.0.0 to 12.1.0), and SAML SSO Premium Multisite WordPress plugin (versions 20.0.0 to 20.0.7). The vulnerability was discovered by Chirag Ketan Prajapati and publicly disclosed on January 6, 2023 (WPScan Premium, WPScan Standard, WPScan Multisite).

The vulnerability is classified as an Open Redirect issue (CWE-601) that occurs when the plugin fails to validate that the redirect parameter in its SSO login endpoint points to an internal site URL. This security flaw is particularly exploitable when a user is already logged in. The vulnerability has been assigned a CVSS v3.1 base score of 6.1 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (NVD).

When exploited, this vulnerability could allow attackers to redirect users to malicious websites after they log in through the SSO functionality. This could potentially lead to phishing attacks or other social engineering attempts targeting authenticated users (WPScan Premium).

The vulnerability has been patched in the following versions: SAML SSO Standard WordPress plugin version 16.0.8, SAML SSO Premium WordPress plugin version 12.1.0, and SAML SSO Premium Multisite WordPress plugin version 20.0.7. Users are advised to update to these or later versions to mitigate the vulnerability (WPScan Premium).