The plugin leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.
### PoC
The PoC will be displayed on August 23, 2022, to give users the time to update.Read More
Simple Single Sign On <= 4.1.0 – Authentication Bypass
