Search Results :

×

Wordpress Single Sign On
Release Notes


WP Single Sign On / Release Note


Feature Breakdown

Version 5.2.1

Version 5.2.0

Version 5.1.9

Version 5.1.8

Version 5.1.7

Version 5.1.6

Version 5.1.5

Version 5.1.4

Version 5.1.3

Version 5.1.2

Version 5.1.1

Version 5.1.0

Version 5.0.9

Version 5.0.8

Version 5.0.7

Version 5.0.6

Version 5.0.5

Version 5.0.4

Version 5.0.3

Version 5.0.2

Version 5.0.1

Version 5.0.0

Version 5.9.32

Version 5.9.31

Version 5.9.30

Version 5.9.29

Version 12.2.9

Version 12.2.8

Version 12.2.7

Version 12.2.6

Version 12.2.5

Version 12.2.4

Version 12.2.3

Version 12.2.2

Version 12.2.1

Version 12.2.0

Version 12.1.9

Version 12.1.8

Version 12.1.7.1

Version 12.1.7

Version 12.1.6

Version 12.1.5

Version 12.1.4

Version 12.1.3

Version 12.1.2

Version 12.1.1

Version 12.1.0

Version 12.0.9

Version 25.2.5

Version 25.2.4

Version 25.2.3

Version 25.2.2

Version 25.2.1

Version 25.2.0

Version 25.1.9

Version 25.1.8

Version 25.1.7

Version 25.1.6

Version 25.1.5

Version 25.1.4

Version 25.1.3

Version 25.1.2

Version 25.1.1

Version 25.1.0

Version 25.0.9

Version 25.0.8

Version 25.0.7

Version 25.0.6

Version 25.0.5

Version 25.0.4

Version 25.0.3

Version 25.0.2

Version 25.0.1

Version 20.1.5

Version 20.1.4

Version 20.1.3

Version 20.1.2

Version 20.1.1

Version 20.1.0

Version 20.0.9

Version 20.0.8

Version 20.0.7

Version 20.0.6

Version 20.0.5

Version 20.0.4

Version 20.0.3

Version 20.0.2

Version 20.0.1

v . 5 . 2 . 1

Improvement Bugfix
  •   

    Compatibility with WordPress 6.7.

  •   

    Usability Improvement

v . 5 . 2 . 0

New
  •   

    Added the pot files for French, Spanish, German and Japanese Languages.

Improvement Bugfix
  •   

    UI Improvements.

v . 5 . 1 . 9

Improvement Bugfix
  •   

    Improvements to the SSO button on the WordPress login page.

  •   

    UI Improvements.

v . 5 . 1 . 8

Improvement Bugfix
  •   

    Handled Fatal Errors when PHP extensions (CURL, DOM, OPENSSL) are disabled.

  •   

    Clarified error codes on the Test Configuration tab for easier troubleshooting.

  •   

    Fixed console warnings during registration and login in the Account Setup Tab.

  •   

    UI Improvements.

v . 5 . 1 . 7

New
  •   

    Added translation support.

  •   

    Added additional checks around the wp-config.php access flow.


Improvement Bugfix
  •   

    Compatibility with WordPress 6.6.

  •   

    UI improvements.

v . 5 . 1 . 6

Improvement Bugfix
  •   

    Fix for wp-config.php file read flow.

v . 5 . 1 . 5

Improvement Bugfix
  •   

    Added PHPCS Fixes.

  •   

    Fix for the warning while editing the Theme.

  •   

    Performance Fixes.

v . 5 . 1 . 4

Improvement Bugfix
  •   

    Compatibility Fixes with WordPress 6.5.

v . 5 . 1 . 3

Improvement Bugfix
  •   

    Updating pricing links for WordPress SSO Plugin.

v . 5 . 1 . 2

Improvement Bugfix
  •   

    Added free trial for SAML SSO.

v . 5 . 1 . 1

Improvement Bugfix
  •   

    Updates in SAML SSO Plans UI.

v . 5 . 1 . 0

Improvement Bugfix
  •   

    SSO span Fix on update.

v . 5 . 0 . 9

Improvement Bugfix
  •   

    Fix for iconv() warning in linux environment.

  •   

    Fix for upgrade to premium versions.

  •   

    Minor UI improvements.

v . 5 . 0 . 8

Improvement Bugfix
  •   

    WP 6.4 Compatibility

  •   

    Compatibility fix with Themify Plugin

  •   

    UI fixes.

v . 5 . 0 . 7

Improvement Bugfix
  •   

    WP 6.3 Compatibility.

  •   

    Added proper error message when wp-config.php is not writable for enabling debug logs.

  •   

    Fix for warning in the list of IDP logos.

v . 5 . 0 . 6

Improvement Bugfix
  •   

    Fix for NetIQ SAML IDP Logo.

  •   

    Fix for x509 certificate in SAML SSO Configurations.

v . 5 . 0 . 5

Improvement Bugfix
  •   

    Vulnerability fix for Broken Access Control in SSO Settings.

v . 5 . 0 . 4

Improvement Bugfix
  •   

    Added additional exception handling checks to enhance the validation of SAML Response.

  •   

    Added Steps to download the paid plugin.

  •   

    Minor Bug Fixes.

v . 5 . 0 . 3

Improvement Bugfix
  •   

    Added new IDPs like Siteminder, VMWare, OpenAthens.

  •   

    Minor Bug Fixes.

v . 5 . 0 . 2

Improvement Bugfix
  •   

    Added new IDPs like Sharepoint, Dynamic CRM, LastPass, Drupal.

v . 5 . 0 . 1

Improvement Bugfix
  •   

    Compatibility with WordPress 6.2.

  •   

    Added iconv encoding issue flow.

  •   

    Fixed plugin update using FTP replace.

  •   

    Fixed SSO widget title issue.

  •   

    Fixed plugin deactivation issue.

  •   

    Fixes in debug log functionality.

v . 5 . 0 . 0

Improvement Bugfix
  •   

    Added PHPCS fixes.

v . 5 . 9 . 32

Improvement Bugfix
  •   

    Security fix for Open Redirect Vulnerability.

v . 5 . 9 . 31

Improvement Bugfix
  •   

    Fixes in Logger Functionality.

v . 5 . 9 . 30

New
  •   
    Assertion Time Check:

    Provided an option in the plugin to disable the time validity check for SAML assertion.


Improvement Bugfix
  •   
    Browser UI Compatibility:

    Fixed UI issues for Safari Browser.

  •   
    Removed Bootstrap.js and Popper.js Dependency:

    Removed dependency from bootstrap.js and popper.js, by adding custom js in the plugin.

  •   
    Custom CSS:

    Added custom CSS in place of using bootstrap.css library.

  •   
    Images:

    Converted all the images to .webp format from .png format.

v . 5 . 9 . 29

Improvement Bugfix
  •   

    WordPress 6.1 Compatibility.

  •   
    PHP 8.1 fixes:

    Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.

  •   
    Import / Export fixes:

    • Fixed error while Importing Environment configurations.

    • SSO Login span and Domain restriction configurations importing successfully.

v . 12 . 2 . 9

  October 15, 2024


Improvement Bugfix
  •   

    Fixes for disabling updation of whitelisted roles.

  •   

    Fixes for Logout Relay State URL.

v . 12 . 2 . 8

  October 04, 2024


New
  •   

    Added functionality to exclude specific roles from being updated for existing users.


Improvement Bugfix
  •   

    Improvement in the Relative and Absolute relaystate.

  •   

    Improvements to the redirect_to parameter.

v . 12 . 2 . 7

  July 29, 2024


Improvement Bugfix
  •   
    Compatibility with WordPress 6.6:

    Made the plugin compatible with WordPress version 6.6.

  •   
    Added support for Relative URLs to configure Login and Logout relaystate:

    Fixed and added support to save relative URLs in the Logout and Login RelayState fields.

  •   
    Improvements in the support query subject:

    Added version number in plugin heading as well as mentioned the plan name & plugin version in the query email subject line itself.

  •   
    Improvements in the attribute restriction to configure more than one attribute:

    Fixed an issue where, when configuring more than one value in the Allow/Deny user login based on IDP attribute values and checking the allow radio span, attempting to perform SSO with a user having one of these attributes results in a wp_die message instead of providing access to the WP site.

  •   
    Updated .htaccess rules for compatibility with Apache 2.4.59 and upwards:

    Fixed and updated .htaccess file rules in the plugin’s root folder as well as in the resources folder, so that the CSS and JS files can load seamlessly if we have Apache 2.4.59 or later.

  •   
    Fixed backdoor URL issue:

    Fixed an issue in the current implementation of the backdoor URL query that permitted all special characters and scripts to be saved. Restricted this behaviour, and displayed a warning when the user enters special characters in the field.

  •   
    Fixes for fatal error on invalid value of the SAML Request & SAML Response Parameter in URL:

    Fixed an error where, when the plugin is activated and the site URL is accessed with an invalid SAMLRequest/SAMLResponse parameter, a fatal error was received.

  •   
    Fixed backdoor URL's subpath issue:

    Backdoor URL does not redirect to the wordpress login page when third party plugins such as WPS-Hide plugin are activated which are used to change the wp-login subpath.

  •   
    Link Portal for license:

    Since now customers use the portal to access their license details and download the plugin so linked portal for license keys in the plugin.

  •   
    Other minor bug fixes and UI improvements:

    Fixed some other minor issues such as wrong message on status code, attribute/role mapping UI improvements, etc.

v . 12 . 2 . 6

  April 12, 2024


Improvement Bugfix
  •   

    Improvements in plugin notices.

v . 12 . 2 . 5

  April 03, 2024


Improvement Bugfix
  •   
    Fix for Error codes and FAQ text formats:

    Ensured that the SAML support email ID is correctly displayed in the Error Codes tab, with the mailto: attribute. Also In SAML Tracer, include a link to redirect users to the FAQ section where they can download SAML Tracer extension and access related documentation. Additionally, provided more descriptive explanations for error code fix and error.

  •   
    UI Improvements in Attribute/Role Mapping Tab:

    Improved UI for Attribute/Role Mapping Tab.

  •   
    Fix for delete configurations while deleting the plugin:

    Fixed When the Keep settings intact option is disabled and a Plugin is deleted, the Role mapping values, Advanced Settings, and Metadata sync settings are not being removed. All plugin configurations should be deleted when the plugin is removed. Additionally, when metadata syncs, the IDP name is not added, resulting in an empty IDP name value.

  •   
    Improvements in the Licensing Framework:

    Fixed Issues related to Licensing Framework.

  •   
    Fixed invalid trigger of email updated notifications to users during SAML Authentication:

    Added a check that compares the email address (received from SAML Response) with the email address of the user (that exists in WP with the received username in SAML Response) in a case-insensitive manner. The user’s email is updated only if the check fails i.e. the email is completely different.

  •   
    Market Azure and Salesforce solutions:

    Added a check that cA Notice appearing when a customer saves any Azure or Salesforce-related IDP, promoting our Azure and Salesforce solutions.

v . 12 . 2 . 4

  December 27, 2023


Improvement Bugfix
  •   
    Fix for License Activated on Multiple Domains warning:

    Fix for the license activated on multiple domains warning.

  •   
    Fix for RSS Feed accessibility issue on Auto-Redirection:

    Fix for the RSS feed redirection issue and redirection loop in the API call.

v . 12 . 2 . 3

  December 11, 2023


New
  •   
    Sync Only Certificate from Metadata:

    Added an option in the Metadata Sync section to sync only certificates from the metadata.


Improvement Bugfix
  •   
    New and Improved Design of the Service Provider Setup tab:

    Redesigned the user interface of the 'Service Provider Setup' tab within the plugin to show a list of the configured IDPs. Added bulk options as well as IDP status.

  •   
    Improved the Certificate Update flow:

    Added the corrected steps to update the plugin to update to the latest certificate.

  •   
    Added warnings for required PHP extensions:

    Improved the warnings to display errors in case of a missing PHP extension. Handled all cases of error messages.

  •   
    Improved the Metadata Sync functionality:

    • Added notices to notify that manual configuration would be overridden if sync is enabled.

    • Separated the Metadata Sync section in the SP Setup tab.

    • Added a Sync Now span.

  •   
    Implemented PHP Coding Standards:

    Added PHP CS fixes as required in the plugin.

  •   
    Improved import of plugin configuration:

    Added check for required fields in the configuration file. Also added validation for the values of the configuration file.

  •   

    Other UI improvements.

v . 12 . 2 . 2

  November 11, 2023


Improvement Bugfix
  •   
    Default Role Assignment Issue:

    Fixed default role assignment for existing users when role mapping is not configured.

  •   
    Assigning None Role to Existing Users:

    Resolved issue of existing users being assigned no role.

  •   

    Minor Bug fixes.

v . 12 . 2 . 1

  November 09, 2023


Improvement Bugfix
  •   
    Resolved the Issue of Default Role Assignment:

    Resolved a bug where after upgrading to 12.2.0 version, all users were assigned the default role.

v . 12 . 2 . 0

  December 11, 2023


New
  •   
    Assertion Time Validation:

    This features decides whether to check the time validity of SAML Assertion for SSO login.


Improvement Bugfix
  •   
    Redesigned Role Mapping:

    Revamped the user interface of the 'Attribute/Role Mapping' tab within the plugin, introducing improvements for a more intuitive and user-friendly experience, accompanied by comprehensive documentation to guide users through the enhanced features and functionalities.

  •   
    Improvements in Account Info Tab:

    Revamped the Account info tab by adding functionalities such as view your licence keys span, revamped user interface for the licence expiry notice reflecting the remaining days, updated FAQ’s content, etc.

  •   
    Improvements for file paths:

    Used WordPress functions for file paths instead of PHP functions.

  •   
    Reduce DB calls in SAML Response Flow:

    Improved the plugin performance as well as code by Reducing/Removing the unwanted database calls from the SAML Response flow.

v . 12 . 1 . 9

  October 18, 2023


New
  •   

    Added steps on how to resolve the warning message for license key used on multiple domains.

  •   

    Added a Free your License Key link in the Account Info Tab.

  •   

    Added additional type checks for upgrade.


Improvement Bugfix
  •   

    Removed the Regex check on password.

  •   

    Fixed Apply Role Mapping for Admins Issue.

  •   

    Fixed the getValidAudiences on null Issue.

v . 12 . 1 . 8

  October 11, 2023


New
  •   
    Plugin Update via WP CLI:

    Added new functionality to update the plugin to its latest version by using this command: wp saml update.

  •   
    Attribute Mapping for WP Nickname:

    Added updating the WP user's nickname during SSO based on their attributes received inthe SAML Response from the Identity Provider.

  •   
    Do not update Existing User's Display Name:

    Added a new feature which prevents updating the existing user’s display name. All other attributes would be updated as per the attribute mapping configured.

  •   
    Implemented an SSO User Tag for users logging in via SSO:

    Added a new feature that adds an SSO user tag for users logging in via SSO.This feature is useful if you want to differentiate between users logging in via WordPress and those logging in via SSO.


Improvement Bugfix
  •   
    Customize SSO login button Hook:

    A hook is added to customize the SSO login button. Now, it is possible to add icon, custom CSS, etc. on the SSO login button.

  •   
    Exception Handling and Error Codes in the SSO Flow:

    Added Error Codes for the SSO Login Flow in the plugin to help identify issues during SSO more effectively. This ensures that errors and issues encountered during the authentication process are appropriately managed.

  •   
    Optimizations for plugin size:

    Reduce the size of the plugin by compressing the images through converting into SVG format.

  •   
    Keep Settings Intact Default:

    To eliminate the need for manually enabling the Keep setting intact toggle, we've enabled this option automatically upon plugin activation.

  •   
    Certificate Mismatch Iconv Encoding Resolution:

    We have improved the certificate mismatch error to list the exact steps needed to address the Certificate Mismatch error caused by Iconv encoding.

  •   
    Import NameID Format from Metadata:

    Now the NameID format value would be fetched into the plugin settings from Identity Provider Metadata during import or metadata sync.

  •   
    Test Configuration Access restriction:

    The test configuration endpoint will now be accessible to only administrators in WordPress.

  •   
    Licensing Plans Link:

    We have removed the licensing plan from the plugin and added a link to the licensing plans page on our site to provide a smoother and uniform experience.

  •   
    Code improvement for DB Options:

    We improved the plugin code by changing the DB options into constants.

  •   

    Minor Bug Fixes.

v . 12 . 1 . 7 . 1

  September 15, 2023


Improvement Bugfix
  •   
    Accepting SAML Response without Audience URI:

    Relaxed the Audience Restriction check.

  •   
    Resolved warning on plugin’s update page:

    No warning in the debug log when the customer checks for any new updates of the plugin.

  •   
    Resolved Metadata Sync for empty Metadata URL:

    No warning in the debug log when the customer checks for any new updates of the plugin.

  •   
    Added custom CSS for the Admin Dashboard widget:

    Not loading CSS on every page of the site.

  •   
    Added a proper error message for invalid XML:

    In case of an invalid XML in the form of a string. The proper message is displayed.

v . 12 . 1 . 7

  September 08, 2023


Improvement Bugfix
  •   
    PHP 8.2 Compatibility:

    Tested the plugin with PHP 8.2 for compatibility.

  •   
    DOS Attack Vulnerability fix:

    Also known as Entity Expansion Attack, the attack causes growth in resource requirements by simply repeating a large entity over and over again. The quadratic blowup variation can also cause quadratic growth in resources. To prevent this, additional checks were added to handle an invalid XML or an XML that has infinite entities referenced in it. This protects from a DOS attack.

  •   
    Replay Attack Vulnerability fix:

    A replay attack can occur when a valid SAML Response is posted on the site by an attacker within the assertion time validity. This was fixed so that unauthorized access could be prevented.

  •   
    Alpine Linux environments iconv Warning:

    Alpine Linux environments do not support the CP-1252 encoding in iconv function and hence throw a function undefined warning when the iconv toggle is enabled. This was handled so that warnings were not visible on the front end.

  •   
    User session terminated Warning:

    A warning was thrown when the user session is already terminated on logout. This was handled such that the Single Logout is not performed once the user session is already terminated.

  •   
    Advanced Role Mapping Addon Compatibility:

    Fixes were done to make the SSO Plugin compatible with the Advanced Role Mapping addon.

  •   
    Updated all CSS and JS Libraries:

    Updated the versions of all external libraries used in the plugin.

  •   
    Updated .htaccess rules for the root folder:

    Added .htaccess file to restrict license file for the plugin.

  •   
    Updated cookie creation with a secure parameter:

    Added the secure parameter for cookies created by the plugin.

  •   
    Redirection behavior after logout for a non-SSO user:

    A non-SSO user would be redirected to the WP login page after logout from WordPress (this is the default behavior of WordPress).

  •   
    Sending additional parameters with SAML Request:

    Any additional parameters appended to the SSO endpoint will now be relayed with the SAML Request to the Identity Provider.

  •   
    Metadata Sync Settings:

    Added an option for enabling metadata sync in the Service Provider Setup tab. An option to add the Metadata URL as well as to choose the sync interval was also provided.

  •   
    Error message on Encryption Certificate Mismatch:

    Added a proper error message during test configuration as well as SSO if the Encryption Certificate in the plugin and SAML Response mismatches.

v . 12 . 1 . 6

  August 16, 2023


Improvement Bugfix
  •   
    Compatibility with WP 6.3:

    Tested the plugin with WP 6.3 for compatibility.

  •   
    Free Plugin File Configuration Import Error:

    Importing a configuration file from the free plugin version ( > 5.0.0 ) used to cause a fatal error. Free Plugin Configuration File can now be imported without errors.

  •   
    License verification via WP CLI Error:

    An Invalid JSON Error was returned when verifying the plugin license via WP CLI. This was fixed and proper data checks were added.

  •   
    SiteGround Hosting Provider Compatibility:

    SiteGround was pointing out the plugin files as malicious due to obfuscated code. Changes were made to remedy this.

  •   
    Removed unused JQuery:

    Plugin was including an older version of JQuery which was not required.

  •   
    Not Deleting License Options when plugin deactivated from a subsite:

    Plugin deleted license related information from all subsites (where plugin was activated) when the premium single site plugin was deactivated from a subsite in a multisite network. This was modifed for a better user experience. Now the options delete only on the subsite where the plugin was deactivated.

  •   
    License Admin Notice Design:

    The admin dashboard widget as well as admin notice for license expiry includes a link to navigate to plugin settings.

  •   
    License Expiry Date Updation:

    Plugin would now update the License Expiry Date automatically once in 30 days for a improved user experience.

  •   
    File Inclusion Method:

    Improved how the plugin includes the files required for functioning. All file paths are included in the plugin using constants now.

  •   
    Adding data type checks for validation:

    Added validation checks for multiple environments configurations.

v . 12 . 1 . 5

  May 22, 2023


Improvement Bugfix
  •   
    Compatibility with WP 6.2:

    Rolled out fixes for compatibility with WP 6.2.

  •   
    Redesigned Account Info tab:

    Implemented a new and improved design of the Account Info tab for easier navigation and showing information.

  •   
    Added Error Codes Submenu:

    Implemented Error Code in the SSO flow, which will be listed in the plugin’s submenu.

  •   
    Updates in Licensing Framework:

    Fixes and improvements for the plugin licensing.

  •   
    Added Admin Dashboard Widget:

    Added a dashboard widget that shows the miniOrange account’s email address and license expiry date.

  •   
    Added notices in the plugin:

    Implemented notices for easier understanding of the plugin’s framework.

v . 12 . 1 . 4

  Febuary 23, 2023


Improvement Bugfix
  •   
    Bootstrap Version:

    Updated the Bootstrap Version to 5.2.2.

v . 12 . 1 . 3

  January 11, 2023


Improvement Bugfix
  •   

    Fix for license file.

v . 12 . 1 . 2

  January 10, 2023


Improvement Bugfix
  •   

    WordPress 6.1 Compatibility.

  •   
    PHP 8.1 fixes:

    Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.

  •   
    Import / Export fixes:

    • Fixed error while Importing Environment configurations.

    • SSO Login span and Domain restriction configurations importing successfully.

v . 12 . 1 . 1

  November 14, 2022


Improvement Bugfix
  •   

    Compatibilty with WordPress Scanner.

v . 12 . 1 . 0

  November 14, 2022


Improvement Bugfix
  •   

    Security fixes for Open Redirect Vulnerability.

  •   

    Added proper escaping fixes.

v . 12 . 0 . 9

  August 30, 2023


Improvement Bugfix
  •   

    Added New Certificates.

  •   

    Added Trial Frameworks.

v . 25 . 2 . 5

  November 12,2024


New
  •   

    Added functionality to exclude specific roles from being updated for existing users.


Improvement Bugfix
  •   

    Fixes for Logout Relay State URL.

  •   

    Fixes for loading css files for domain mapping functionality.

v . 25 . 2 . 4

  September 19,2024


Improvement Bugfix
  •   

    Added the plugin documentation near the plugin heading.

v . 25 . 2 . 3

  August 05,2024


New
  •   

    Added the filter hook to modify the custom attributes data format.

  •   

    Added the redirect_to parameter for the Redirection & Shortcode flows.


Improvement Bugfix
  •   

    Added the plugin documentation near the plugin heading.

  •   

    Optimized the code of the customer verification flow.

  •   

    Optimized the code of licensing plans and redirection tab.

v . 25 . 2 . 2

  July 08, 2024


New
  •   

    Added the feature to add an unlimited number of IDPs and kept the limit on activated IDPs.

  •   

    Created 2 separate sub-tabs for redirection settings & SSO links, buttons settings.

  •   

    Added domain mapping feature with redirection settings of the wp-login page.

  •   

    Added two distinct flows for the role mapping feature to address scenarios where role mapping is not applicable for new or existing users.


Improvement Bugfix
  •   

    Improved the UI of Service Provider Setup tab.

  •   

    Added the FAQ page link to clarify the purpose of the default IDP plugin.

  •   

    Fixed the relay state flow to handle query parameters present in the relay state.

  •   

    Fixed the sync metadata settings respective to the environment.

  •   

    Fixed the warning issue in the upgrade framework flow.

v . 25 . 2 . 1

  July 08, 2024


New
  •   

    New and improved design of Attribute/Role Mapping Tab.

  •   

    New and improved design of the Service Provider Setup tab.

  •   

    Added logout response url option in the Service Provider Setup tab.

  •   

    Added WPCLI functionality to update, activate, and import configurations into the plugin.

  •   

    Added a form for syncing metadata in Service Provider Setup tab.

  •   

    Added custom metadata fields to configuration file while exporting the configuration.

  •   

    Added a button for Attribute Mapping Configuration in Test Configuration window.

  •   

    Added an option to edit the IDP Name.

  •   

    Added a hook to get complete SAML Assertion.

  •   

    Added an option to configure Nickname.

  •   

    Added default Public Page URL.

  •   

    Added Test Configuration button below IDP Configuration.

  •   

    Added an SSO User Tag for users logging in via SSO.


Improvement Bugfix
  •   

    Updated .htaccess rules for compatibity with Apache 2.4.59 and upwords.

  •   

    Fix for Error codes text formats.

  •   

    Compatibility with salesforce community addon.

  •   

    Updated all CSS and JS Libraries.

  •   

    Updated all font-awesome icons to svg.

  •   

    Updated all images to webp format.

  •   

    Minor bug fixes and UI improvements.

v . 25 . 2 . 0

  May 10, 2024


Improvement Bugfix
  •   

    Fix for file path issue

v . 25 . 1 . 9

  May 08, 2024


New
  •   

    Added the compatibility with WordPress 6.5.

  •   

    Added the compatibility with Guest User login Add-on.

  •   

    Added the warnings for required PHP extensions.

  •   

    Added the option to validate the assertion time of the SAML Response.

  •   

    Added the option to have IDP-specific Login relay state and Logout relay state.

  •   

    Added the certificate sync option from the IDP Metadata.

  •   

    Added the error codes for the case of failed SSO.

  •   

    Added the filter for the Role Mapping flow.

  •   

    Added the version number with the plugin heading.


Improvement Bugfix
  •   

    Fixed the import-export feature for the Multiple Environment Configuration.

  •   

    Fixed the displayed warning on invalid metadata file import.

  •   

    Fixed the redirection flow for users after the logout.

  •   

    Improved customization of the Single Sign-On (SSO) Button displayed on the login page.

  •   

    Improved the UI of the SSO Links Section.

  •   

    Removed non-admin user access from the test configuration endpoint.

v . 25 . 1 . 8

  March 29, 2024


New
  •   

    Added Multiple Environment Feature for configuring plugin settings for all environments (dev, test, production).

  •   

    Added Metadata customization feature allowing admin to input Organization Name, Email Address, and Organization URL in the Service Provider Metadata.

  •   

    Added compatibility for the IP based Redirection to IDP feature.


Improvement Bugfix
  •   

    Fixed the compatibility issues with WP Smart Manager plugin.

  •   

    Fixed invalid trigger of email updated notifications to users during SAML Authentication.

  •   

    Fixed the base64_Decode issue of the Wordfence scanner.

  •   

    Fixed the compatibility issues with 3rd party plugins or themes which use Utilites class name.

v . 25 . 1 . 7

  February 20, 2024


New
  •   

    Added compatibility fixes for PHP 8.2.

  •   

    Added confirmation screen for resetting mapping configuration.


Improvement Bugfix
  •   

    Fixed HTTP Post binding issue with RSS feed.

  •   

    Fixed Validations issues through out the plugin.

  •   

    Fixed support email address through out the plugin.

  •   

    Fixed Domain Mapping issues.

  •   

    Fixed incorrect warning messages while configuring Service Provider Setup tab.

  •   

    Minor fixes related to components text and placement.

  •   

    Improved default IDP assignment flow.

  •   

    Modified allowed characters for adding Identity Provider name.

  •   

    Updated metadata contact information.

v . 25 . 1 . 6

  January 24, 2024


Improvement Bugfix
  •   

    Fixed backdoor URL issue.

  •   

    Fixed Single Logout Request using POST binding.

  •   

    Fixed Vulnerabilities for XML parsing, insecure cookie creation, replay attack, exposed license file and SAML Request/Response jQuery.

  •   

    Fixed iconv warning on Linux Environments.

  •   

    Fixed metadata sync issue for default values.

  •   

    Fixed redirection loop issue from WordPress login page.

  •   

    Fixed invalid license issue on WordPress multisite environment.

v . 25 . 1 . 5

  January 05, 2024


Improvement Bugfix
  •   

    Fixes in the Upgrade Notice.

  •   

    Updates in the Licensing Framework.

v . 25 . 1 . 4

  January 01, 2024


Improvement Bugfix
  •   

    Fixes for Shortcode functionality.

  •   

    Fixes for Auto-Redirection functionality when users are logged-ins.

v . 25 . 1 . 3

  December 15, 2023


New
  •   

    Added Error Codes Submenu.

  •   

    Added Admin Dashboard Widget.

  •   

    Added notices in the plugin.


Improvement Bugfix
  •   

    WordPress 6.4 Compatibility.

  •   

    Redesigned Account Info tab.

  •   

    Updates in Licensing Framework.

v . 25 . 1 . 2

  October 18, 2023


New
  •   

    Added proper error messages on failed domain mapping.

  •   

    Added error handling for max execution time on metadata upload.


Improvement Bugfix
  •   

    WordPress 6.3 Compatibility.

  •   

    Fixed multiple roles assignment bug.

  •   

    Fixed attribute key assigned if value attribute empty.

  •   

    Modified the order of wp_login hook in the plugin.

  •   

    Removed extra Identity Provider Name field in plugin settings.

  •   

    Compatibility fixes for SiteGround hosting provider.

v . 25 . 1 . 1

  July 14, 2023


Improvement Bugfix
  •   

    Bug fix for encrypted SAML Responses.

  •   

    Fixes for auto-redirect functionality.

v . 25 . 1 . 0

  July 12, 2023


New
  •   

    Added IDP specific shortcode.


Improvement Bugfix
  •   

    WordPress 6.2 Compatibility.

  •   

    PHP 8.1 Fixes.

  •   

    UI and Bug fixes.

v . 25 . 0 . 9

  November 25, 2022


New
  •   

    Added RSS feed feature.

  •   

    Added IDP selector UI.

  •   

    Added Azure multitenant compatibility.

  •   

    Added Password Reset flow for Azure B2C.


Improvement Bugfix
  •   

    WordPress 6.1 Compatibility.

  •   

    Updated bootstrap version to 5.1.3.

  •   

    Updated the Licensing Plan Page.

  •   

    Fixed Single Logout for all WordPress versions.

  •   

    Fixed issue with IDP-initiated SLO.

  •   

    Fixed the redirect to Wordpress login page feature.

  •   

    Fixed the redirect-loop issue for public page url.

  •   

    Fixed issue with displaying custom attributes in user menu for a new user after SSO.

  •   

    Fixed RelayState URL for SSO links.

  •   

    Fixed issue in color picker and position of SSO login button.

  •   

    Fixed the auto-selection of default idp.

  •   

    Some bug fixes.

v . 25 . 0 . 8

  September 22, 2022


Improvement Bugfix
  •   

    XSS Vulnerability fixes for malformed SAML Response in Test Configuration flow.

  •   

    Wordfence Compatibility Fixes.

v . 25 . 0 . 7

  September 17, 2022


Improvement Bugfix
  •   

    Added compatibility fixes with WP SAML IDP plugin.

  •   

    Minor bug fix.

v . 25 . 0 . 6

  August 04, 2022


Improvement Bugfix
  •   

    Compatibility with WordPress 6.0.

  •   

    Fixed Domain Mapping issue for Disabled IDPs.

  •   

    Updated SAML handbook links.

v . 25 . 0 . 5

  February 09, 2022


Improvement Bugfix
  •   

    Compatibility with WordPress 5.9.

v . 25 . 0 . 4

  November 23, 2021


Improvement Bugfix
  •   

    Compatibility with WordPress 5.8.

  •   

    Minor UI Fixes.

v . 25 . 0 . 3

  November 12, 2021


New
  •   

    Added new Certificate for Signing and Encryption.


Improvement Bugfix
  •   

    Bug fixes.

v . 25 . 0 . 2

  July 16, 2021


Improvement Bugfix
  •   

    Fixed XSS Vulnerability (CVE-2020-6850).

  •   

    Updated xmlseclibs(Added support for Shibboleth encryption algorithm).

  •   
    Bug fixes:

    Cron fixes for blank IDP bug.

  •   

    Fixed upload metadata issues with Federated Identities(Haka).

  •   

    Compatibility with WordPress 5.8.

v . 25 . 0 . 1

  November 26, 2020


Improvement Bugfix
  •   

    Updated SP Certificate.

  •   

    Compatibility with WordPress 5.6.

  •   

    Bug fixes.

v . 20 . 1 . 5

  October 10, 2024


New
  •   

    Added an SSO User Tag for users logging in via SSO.


Improvement Bugfix
  •   

    New and improved design of Attribute/Role Mapping Tab.

  •   

    Added the warnings for required PHP extensions.

  •   

    Added frontend validations for Backdoor URL.

  •   

    Fixed the displayed warning on invalid metadata file import.

  •   

    Minor bug fixes and improvements.

v . 20 . 1 . 4

  August 05, 2024


New
  •   

    Added reset login button setting for SSO button.

  •   

    Added Logout relay state in Redirection & SSO Links tab.

  •   

    Added a form for syncing metadata in the Service Provider Setup tab.

  •   

    Added the option to validate the assertion time of the SAML Response.

  •   

    Added the version number with the plugin heading.

  •   

    Added copy button for Shortcode in SSO links section.

  •   

    Added validations on the Redirection & SSO Links tab when IDP is not configured.


Improvement Bugfix
  •   

    Minor bug fixes and UI improvements.

v . 20 . 1 . 3

  July 04, 2024


Improvement Bugfix
  •   

    Fixed a login redirect loop issue on subdomains.

v . 20 . 1 . 2

  May 16, 2024


Improvement Bugfix
  •   

    Compatibility with WP 6.5.

  •   

    Updates in Licensing Framework.

  •   

    Fixed an XSS Vulnerability.

  •   

    Fixed an issue with the subsites SSO for subdomain multisite installation.

v . 20 . 1 . 1

  January 01, 2024


New
  •   

    Added Admin Dashboard Widget.

  •   

    Added Error Codes Submenu.

  •   

    Added notices in the plugin.


Improvement Bugfix
  •   

    Compatibility with WP 6.4.

  •   

    Redesigned Account Info tab.

  •   

    Updates in Licensing Framework.

v . 20 . 1 . 0

  July 24, 2023


New
  •   

    Compatibility with siteground hosting.


Improvement Bugfix
  •   

    Compatibility with WP 6.2.

v . 20 . 0 . 9

  July 24, 2023


Improvement Bugfix
  •   

    Updated XML Security Library.

  •   

    Compatibility with WP 6.1.

  •   

    Fixes for PHP 8.1.

  •   

    Fixes in Single Logout flow.

v . 20 . 0 . 8

  November 14, 2022


Improvement Bugfix
  •   

    Compatibility with Wordfence Scanner.

v . 20 . 0 . 7

  september 29, 2022


Improvement Bugfix
  •   

    Vulnerability fix for malformed SAML Response.

  •   

    Security fix for open redirect vulnerability.

  •   

    Modified .htaccess rules.

  •   

    Updated handbook links.

  •   

    Fixed an issue with the subsites list for more than 500 subsites.

  •   

    Fixed apply certificate button.

v . 20 . 0 . 6

  June 22, 2022


New
  •   

    Added IDP selector UI.

  •   

    Added Add-ons tabs.

  •   

    Added check for archived and deleted subsites for license verification.


Improvement Bugfix
  •   

    Added Compatibility with WordPress 6.0.

  •   

    Updated licensing plans.

  •   

    Updated bootstrap version to 5.1.3

  •   

    Fixed Single Logout for different WordPress versions.

  •   

    Fixed an issue with color picker for the Custom login button.

  •   

    Fixed access restriction for the resource files.

v . 20 . 0 . 5

  February 08, 2022


Improvement Bugfix
  •   

    Compatibility fixes for WordPress 5.9.

v . 20 . 0 . 4

  November 23, 2021


Improvement Bugfix
  •   

    Compatibility fixes for WordPress 5.8.

  •   

    Minor UI Fixes.

v . 20 . 0 . 3

  November 16, 2021


New
  •   

    Added new x509 certifcate for Signing and Encryption.


Improvement Bugfix
  •   

    Minor bug fixes.

v . 20 . 0 . 2

  April 09, 2021


Improvement Bugfix
  •   

    Compatible with PHP8.

  •   

    Compatible with WordPress 5.7.

  •   

    Import Metadata Fix.

  •   

    Vulnerability fixes.

v . 20 . 0 . 1

  November 26, 2020


New
  •   

    New Certificate for Signing and Encryption.


Improvement Bugfix
  •   

    Compatible with WordPress 5.6.

  •   

    Vulnerability fixes.

Related Articles

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com