WordPress · Wordpress Single Sign-On (Sso) Plugin · CVE-2025-6003
**Name of the Vulnerable Software and Affected Versions**
WordPress Single Sign-On (SSO) plugin for WordPress versions prior to 5.3
**Description**
The issue is related to a misconfigured capability check on a function, allowing unauthorized access. This enables unauthenticated attackers to extract sensitive data, including site content restricted to certain users and/or roles.
**Recommendations**
For versions prior to 5.3, update to version 5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and site content until the update is applied.