CVEs-PoC/2016/CVE-2016-10928.md at c3bdd84ebdf10f92e604f80d6e9359b7d32300ee - CVEs-PoC - MS-GitHub-Backup (Gitea)

CalvinBackup/CVEs-PoC

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-01 11:01:35 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

665 B

Raw Blame History

CVE-2016-10928

Description

The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.

POC

Reference

https://github.com/onelogin/wordpress-saml/commit/fbe808e2fd8fde8cb7e6bf365c5334b5702262da

Github

https://github.com/20142995/nuclei-templates