Product
A critical authentication bypass vulnerability (CVE-2026-15013) exists in the SAML Single Sign On - SSO Login plugin for WordPress, affecting all versions up to and including 5.4.3, enabling unauthenticated attackers to forge SAML assertions and achieve full administrator-level account takeover due to signature algorithm confusion.