CVE-2025-10753 in OAuth Single Sign On Plugin
Summary
by MITRE • 02/06/2026
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the 'oauthredirect' option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly.
Analysis
by VulDB Data Team • 02/06/2026
The vulnerability identified as CVE-2025-10753 affects the OAuth Single Sign On SSO plugin for WordPress in all versions up to and including 6.26.14. It is a critical security flaw that undermines the authentication mechanisms meant to protect WordPress sites using OAuth integration: inadequate access controls in the plugin's redirect functionality give malicious actors a way to manipulate the authentication flow without proper authorization.
The flaw lies in the plugin's handling of the 'oauthredirect' option parameter, which lacks both a capability check and authentication verification. Because nothing validates who is making the request, an unauthenticated attacker can set the global redirect URL option through the redirect_url parameter. This is particularly concerning because the code operates at the core authentication layer, where the redirect functionality should enforce strict access controls to prevent unauthorized changes to the OAuth flow.
From an operational perspective, this vulnerability creates significant risk for WordPress administrators who rely on the plugin for secure single sign-on. Attackers can exploit the weakness to redirect users to malicious sites, which can lead to credential theft, phishing, or other malicious activity. The impact extends beyond simple unauthorized access: because the redirect target is a global option rather than a per-request value, a single unauthorized change affects every user who subsequently authenticates through the plugin, compromising the integrity of the entire OAuth authentication process and undermining trust in the plugin's security mechanisms.
The vulnerability aligns with CWE-284 (Improper Access Control) and is a clear violation of the principle of least privilege. It also maps to ATT&CK technique T1566 (Phishing), since attackers can use the compromised redirect functionality to send users to malicious endpoints. The attack vector requires only direct access to the site, so installations that are reachable by untrusted users, or that have weak access controls, are at particular risk.
Mitigation should start with updating the plugin to a version that adds the missing capability checks. Administrators should also consider network-level access controls that restrict direct access to the site, and should monitor authentication logs for suspicious redirect activity. Additional layers such as two-factor authentication and regular security audits of third-party plugins help keep similar vulnerabilities from compromising WordPress environments.
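As an added illustration of the bug class described in the analysis and of the checks the mitigation paragraph calls for (this is not the plugin's own code; the hook, the option name and the 'example_sso_' function names are assumptions), here is a hypothetical WordPress handler that writes a redirect option from request input, beside its hardened form:

```php
<?php
// Added example, not code from the affected plugin. Option name, hook and
// function names are assumptions chosen for illustration.

// VULNERABLE PATTERN: a site-wide option is written from request input with
// no authentication, capability or nonce check and no URL validation.
function example_sso_redirect_handler_vulnerable() {
    if ( isset( $_REQUEST['option'] ) && 'oauthredirect' === $_REQUEST['option'] ) {
        if ( isset( $_REQUEST['redirect_url'] ) ) {
            update_option( 'example_sso_redirect_url', $_REQUEST['redirect_url'] );
        }
    }
}

// HARDENED PATTERN: the same feature, gated the way a settings write should be.
function example_sso_redirect_handler_hardened() {
    if ( ! isset( $_REQUEST['option'] ) || 'oauthredirect' !== $_REQUEST['option'] ) {
        return;
    }
    // 1. Authentication and capability: only a logged-in administrator may
    //    change a global setting (least privilege).
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // 2. CSRF protection: the request must carry a nonce issued for this action;
    //    check_admin_referer() terminates the request if the nonce is missing or bad.
    check_admin_referer( 'example_sso_set_redirect' );

    // 3. Input validation: wp_validate_redirect() rejects URLs whose host is not
    //    the site itself or listed via the 'allowed_redirect_hosts' filter, and
    //    falls back to the site home rather than a caller-supplied location.
    $raw  = isset( $_REQUEST['redirect_url'] ) ? wp_unslash( $_REQUEST['redirect_url'] ) : '';
    $safe = wp_validate_redirect( esc_url_raw( $raw ), home_url() );

    update_option( 'example_sso_redirect_url', $safe );
}
add_action( 'init', 'example_sso_redirect_handler_hardened' );

// Optional: declare which external hosts an administrator may configure, so
// that only known identity-provider hosts pass wp_validate_redirect().
add_filter( 'allowed_redirect_hosts', function ( $hosts ) {
    $hosts[] = 'idp.example.org'; // assumed identity-provider host
    return $hosts;
} );
```

The three gates in the hardened handler map directly to the advisory's finding: the missing capability check, the missing authentication verification, and the unvalidated global redirect value.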