CVE-2022-34155

Severity: 8.8 HIGH

📋 TL;DR

CVE-2022-34155 is an authentication bypass vulnerability in the miniOrange OAuth Single Sign On WordPress plugin. An attacker can bypass the plugin's authentication checks to gain unauthorized access to the WordPress site. Every WordPress installation running a vulnerable version of the plugin is affected.

💻 Affected Systems

Products:
  • miniOrange OAuth Single Sign On – SSO (OAuth Client) WordPress plugin
Versions: All versions up to and including 6.23.3
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects WordPress sites with the vulnerable plugin installed and activated.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete site takeover with administrative privileges, allowing data theft, malware injection, defacement, and lateral movement to other systems.

🟠 Likely Case: Unauthorized access to user accounts, privilege escalation, and potential data exfiltration from the WordPress site.

🟢 If Mitigated: Limited impact with proper network segmentation, strong authentication controls, and monitoring in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Authentication bypass vulnerabilities are typically easy to exploit once details are known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.23.4 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/miniorange-login-with-eve-online-google-facebook/wordpress-oauth-single-sign-on-sso-oauth-client-plugin-6-23-3-broken-authentication-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'OAuth Single Sign On – SSO (OAuth Client)'.
4. Click 'Update Now' if available.
5. Alternatively, download version 6.23.4+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Disable vulnerable plugin (applies to: all)

Temporarily disable the plugin until patched:

wp plugin deactivate miniorange-login-with-eve-online-google-facebook

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block authentication bypass attempts
  • Enable strict access controls and monitor for unusual authentication patterns

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → OAuth Single Sign On – SSO (OAuth Client) version

Check Version:

wp plugin get miniorange-login-with-eve-online-google-facebook --field=version

Verify Fix Applied:

Confirm plugin version is 6.23.4 or higher
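An added helper script (not part of this advisory) that wraps the WP-CLI version check above and decides whether the installed version falls inside the affected range (all versions up to and including 6.23.3, fixed in 6.23.4). It assumes `wp` is on PATH and is run from the WordPress root, and that plugin versions are plain dotted numbers.

```shell
#!/bin/sh
# Added example, not from the advisory: classify an installed version of the
# miniOrange OAuth Single Sign On plugin against the affected range
# (all versions <= 6.23.3; fixed in 6.23.4). Assumes dotted numeric versions.
FIXED_VERSION="6.23.4"

# vercmp A B: prints -1, 0 or 1 for A<B, A=B, A>B. Missing components count
# as 0 (so "6.23" < "6.23.4"); non-digit characters in a component are ignored.
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
    case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    x=$(printf '%s' "$x" | tr -cd '0-9'); y=$(printf '%s' "$y" | tr -cd '0-9')
    if [ "${x:-0}" -lt "${y:-0}" ]; then echo -1; return 0; fi
    if [ "${x:-0}" -gt "${y:-0}" ]; then echo 1; return 0; fi
  done
  echo 0
}

# is_vulnerable VERSION: succeeds (exit 0) when VERSION is below the fix.
is_vulnerable() {
  [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# check_installed: reads the installed version with the WP-CLI command from
# the advisory (assumes wp on PATH, run from the WordPress root) and reports.
# Exit status: 0 patched, 1 vulnerable, 2 plugin absent / WP-CLI unavailable.
check_installed() {
  v=$(wp plugin get miniorange-login-with-eve-online-google-facebook \
        --field=version 2>/dev/null) || {
    echo "plugin not installed or WP-CLI not available"; return 2; }
  if is_vulnerable "$v"; then
    echo "VULNERABLE: installed $v is below $FIXED_VERSION"; return 1
  fi
  echo "OK: installed $v is $FIXED_VERSION or later"; return 0
}

# Run the live check only when invoked with --check, so the functions can
# also be sourced into other scripts without WP-CLI present.
if [ "${1:-}" = "--check" ]; then
  check_installed
fi
```

Run it as `sh check_miniorange.sh --check` on each site; the exit status (0 patched, 1 vulnerable, 2 absent) makes it easy to loop over a fleet.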

📡 Detection & Monitoring

Log Indicators:

  • Unusual authentication patterns
  • Failed login attempts followed by successful access
  • Admin panel access from unexpected IPs

Network Indicators:

  • HTTP requests bypassing normal authentication flows
  • Unusual OAuth callback patterns

SIEM Query (illustrative: the event and field names depend on how your WordPress logs are ingested, and matching only the "6.23.3" version string will miss earlier affected releases):

source="wordpress" AND (event="authentication_bypass" OR plugin_version="6.23.3")
