sixtomartin

@sixtomartin · wordpress.org profile ↗
Member since
2013-04-14
Location
Employer
IAM Digital Services
Job title
CEO
Authored
1
SVN commit access
1
Readme contributor
0
Combined install base
7k+ across 1 plugins

Alerts (0)

No open alerts.

Show 1 resolved alert
Medium code_scan_delta OneLogin SAML SSO Resolved · fp_base64_saml_encoding 1d ago
Slugonelogin-saml-sso
Previous version3.4.0
Current version3.6.0
New findings
PatternKindFileLineSnippetConfidence
base64_decodebuiltinphp/lib/Saml2/Auth.php142$inResponseTo = OneLogin_Saml2_LogoutRequest::getID(gzinflate(base64_decode($_GET['SAMLRequest'])));medium
gzinflatebuiltinphp/lib/Saml2/Auth.php142$inResponseTo = OneLogin_Saml2_LogoutRequest::getID(gzinflate(base64_decode($_GET['SAMLRequest'])));medium
base64_decodebuiltinphp/lib/Saml2/LogoutResponse.php174if (!$objKey->verifySignature($signedQuery, base64_decode($_GET['Signature']))) {medium
base64_decodebuiltinphp/lib/Saml2/LogoutRequest.php330if (!$objKey->verifySignature($signedQuery, base64_decode($_GET['Signature']))) {medium
New finding count4
View raw JSON
{
    "slug": "onelogin-saml-sso",
    "previous_version": "3.4.0",
    "current_version": "3.6.0",
    "new_findings": [
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "php/lib/Saml2/Auth.php",
            "line": 142,
            "snippet": "$inResponseTo = OneLogin_Saml2_LogoutRequest::getID(gzinflate(base64_decode($_GET['SAMLRequest'])));",
            "confidence": "medium"
        },
        {
            "pattern": "gzinflate",
            "kind": "builtin",
            "file": "php/lib/Saml2/Auth.php",
            "line": 142,
            "snippet": "$inResponseTo = OneLogin_Saml2_LogoutRequest::getID(gzinflate(base64_decode($_GET['SAMLRequest'])));",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "php/lib/Saml2/LogoutResponse.php",
            "line": 174,
            "snippet": "if (!$objKey->verifySignature($signedQuery, base64_decode($_GET['Signature']))) {",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "php/lib/Saml2/LogoutRequest.php",
            "line": 330,
            "snippet": "if (!$objKey->verifySignature($signedQuery, base64_decode($_GET['Signature']))) {",
            "confidence": "medium"
        }
    ],
    "new_finding_count": 4
}

Plugins authored (1)

Plugin Version Installs Last updated Status
OneLogin SAML SSO ·onelogin-saml-sso 3.6.0 7k+ 1d ago Active

SVN commit access (1)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
OneLogin SAML SSO sixtomartin 7k+ 2 4y ago 6mo ago Active