Search Results :

×
Meet us at WordCamp Europe | ShopTalk | DrupalCon Conferences to explore our solutions. Know More

Version 12.2.3

 December 11, 2023

Version 12.2.2

 November 11, 2023

Version 12.2.1

 November 9, 2023

Version 12.2.0

 October 31, 2023

Version 12.1.9

 October 18, 2023

Version 12.1.8

 October 11, 2023

Version 12.1.7.1

 September 15, 2023

Version 12.1.7

 September 8, 2023

Version 12.1.6

 August 31, 2023

Version 12.1.5

 May 22, 2023

Version 12.1.4

 February 03, 2023

Version 12.1.3

 January 11, 2023

Version 12.1.2

 January 10, 2023

Version 12.1.1

 November 14, 2022

Version 12.1.0

 September 22, 2022

Version 12.0.9

 August 30, 2023

Version 5.0.7

Version 5.0.6

Version 5.0.5

Version 5.0.4

Version 5.0.3

Version 5.0.2

Version 5.0.1

Version 5.0.0

 January 4, 2023

Version 4.9.32

 January 4, 2023

Version 4.9.31

 January 4, 2023

Version 4.9.30

 January 4, 2023

Version 4.9.29

 January 2023
NEW
  • Sync Only Certificate from Metadata: Added an option in the Metadata Sync section to sync only certificates from the metadata.
IMPROVEMENT
BUGFIX
  • New and Improved Design of the Service Provider Setup tab: Redesigned the user interface of the 'Service Provider Setup' tab within the plugin to show a list of the configured IDPs. Added bulk options as well as IDP status.
  • Improved the Certificate Update flow: Added the corrected steps to update the plugin to update to the latest certificate.
  • Added warnings for required PHP extensions: Improved the warnings to display errors in case of a missing PHP extension. Handled all cases of error messages.
  • Improved the Metadata Sync functionality:
    • Added notices to notify that manual configuration would be overridden if sync is enabled.
    • Separated the Metadata Sync section in the SP Setup tab.
    • Added a Sync Now button.
  • Implemented PHP Coding Standards: Added PHP CS fixes as required in the plugin.
  • Improved import of plugin configuration: Added check for required fields in the configuration file. Also added validation for the values of the configuration file.
  • Other UI improvements.
IMPROVEMENT
BUGFIX
  • Default Role Assignment Issue: Fixed default role assignment for existing users when role mapping is not configured.
  • Assigning None Role to Existing Users: Resolved issue of existing users being assigned no role.
  • Minor Bug fixes.
IMPROVEMENT
BUGFIX
  • Resolved the Issue of Default Role Assignment: Resolved a bug where after upgrading to 12.2.0 version, all users were assigned the default role.
NEW
  • Assertion Time Validation: This features decides whether to check the time validity of SAML Assertion for SSO login.
IMPROVEMENT
BUGFIX
  • Redesigned Role Mapping: Revamped the user interface of the 'Attribute/Role Mapping' tab within the plugin, introducing improvements for a more intuitive and user-friendly experience, accompanied by comprehensive documentation to guide users through the enhanced features and functionalities.
  • Improvements in Account Info Tab: Revamped the Account info tab by adding functionalities such as view your licence keys button, revamped user interface for the licence expiry notice reflecting the remaining days, updated FAQ’s content, etc.
  • Improvements for file paths: Used WordPress functions for file paths instead of PHP functions.
  • Reduce DB calls in SAML Response Flow: Improved the plugin performance as well as code by Reducing/Removing the unwanted database calls from the SAML Response flow.
NEW
  • Plugin Update via WP CLI: Added new functionality to update the plugin to its latest version by using this command: wp saml update.
  • Attribute Mapping for WP Nickname: Added updating the WP user's nickname during SSO based on their attributes received inthe SAML Response from the Identity Provider.
  • Do not update Existing User's Display Name: Added a new feature which prevents updating the existing user’s display name. All other attributes would be updated as per the attribute mapping configured.
  • Implemented an SSO User Tag for users logging in via SSO: Added a new feature that adds an SSO user tag for users logging in via SSO.This feature is useful if you want to differentiate between users logging in via WordPress and those logging in via SSO.
IMPROVEMENT
BUGFIX
  • Customize SSO login button Hook: A hook is added to customize the SSO login button. Now, it is possible to add icon, custom CSS, etc. on the SSO login button.
  • Exception Handling and Error Codes in the SSO Flow: Added Error Codes for the SSO Login Flow in the plugin to help identify issues during SSO more effectively. This ensures that errors and issues encountered during the authentication process are appropriately managed.
  • Optimizations for plugin size: Reduce the size of the plugin by compressing the images through converting into SVG format.
  • Keep Settings Intact Default: To eliminate the need for manually enabling the Keep setting intact toggle, we've enabled this option automatically upon plugin activation.
  • Certificate Mismatch Iconv Encoding Resolution: We have improved the certificate mismatch error to list the exact steps needed to address the Certificate Mismatch error caused by Iconv encoding.
  • Import NameID Format from Metadata: Now the NameID format value would be fetched into the plugin settings from Identity Provider Metadata during import or metadata sync.
  • Test Configuration Access restriction: The test configuration endpoint will now be accessible to only administrators in WordPress.
  • Licensing Plans Link: We have removed the licensing plan from the plugin and added a link to the licensing plans page on our site to provide a smoother and uniform experience.
  • Code improvement for DB Options: We improved the plugin code by changing the DB options into constants.
  • Minor Bug Fixes.
NEW
  • Plugin Update via WP CLI: Added new functionality to update the plugin to its latest version by using this command: wp SAML update.
  • Attribute Mapping for WP Nickname: Added updating the WP user's nickname during SSO based on their attributes received inthe SAML Response from the Identity Provider.
  • Do not update Existing User's Display Name: Added a new feature which prevents updating the existing user’s display name. All other attributes would be updated as per the attribute mapping configured.
  • Implemented an SSO User Tag for users logging in via SSO: Added a new feature that adds an SSO user tag for users logging in via SSO.This feature is useful if you want to differentiate between users logging in via WordPress and those logging in via SSO.
  • Customize SSO login button Hook: A hook is added to customize the SSO login button. Now, it is possible to add icon, custom CSS, etc. on the SSO login button.
  • Exception Handling and Error Codes in the SSO Flow: Added Error Codes for the SSO Login Flow in the plugin to help identify issues during SSO more effectively. This ensures that errors and issues encountered during the authentication process are appropriately managed.
  • Optimizations for plugin size: Reduce the size of the plugin by compressing the images through converting into SVG format.
  • Keep Settings Intact Default: To eliminate the need for manually enabling the Keep setting intact toggle, we've enabled this option automatically upon plugin activation.
  • Certificate Mismatch Iconv Encoding Resolution: We have improved the certificate mismatch error to list the exact steps needed to address the Certificate Mismatch error caused by Iconv encoding.
  • Import NameID Format from Metadata: Now the NameID format value would be fetched into the plugin settings from Identity Provider Metadata during import or metadata sync.
  • Test Configuration Access restriction: The test configuration endpoint will now be accessible to only administrators in WordPress.
  • Licensing Plans Link: We have removed the licensing plan from the plugin and added a link to the licensing plans page on our site to provide a smoother and uniform experience.
  • Code improvement for DB Options: We improved the plugin code by changing the DB options into constants.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Accepting SAML Response without Audience URI: Relaxed the Audience Restriction check.
  • Resolved warning on plugin’s update page: No warning in the debug log when the customer checks for any new updates of the plugin.
  • Resolved Metadata Sync for empty Metadata URL: No warning in the debug log when the customer checks for any new updates of the plugin.
  • Added custom CSS for the Admin Dashboard widget: Not loading CSS on every page of the site.
  • Added a proper error message for invalid XMLIn case of an invalid XML in the form of a string. The proper message is displayed.
IMPROVEMENT
BUGFIX
  • PHP 8.2 Compatibility: Tested the plugin with PHP 8.2 for compatibility.
  • DOS Attack Vulnerability fix: Also known as Entity Expansion Attack, the attack causes growth in resource requirements by simply repeating a large entity over and over again. The quadratic blowup variation can also cause quadratic growth in resources. To prevent this, additional checks were added to handle an invalid XML or an XML that has infinite entities referenced in it. This protects from a DOS attack.
  • Replay Attack Vulnerability fixA replay attack can occur when a valid SAML Response is posted on the site by an attacker within the assertion time validity. This was fixed so that unauthorized access could be prevented.
  • Alpine Linux environments iconv Warning: Alpine Linux environments do not support the CP-1252 encoding in iconv function and hence throw a function undefined warning when the iconv toggle is enabled. This was handled so that warnings were not visible on the front end.
  • User session terminated Warning: A warning was thrown when the user session is already terminated on logout. This was handled such that the Single Logout is not performed once the user session is already terminated.
  • Advanced Role Mapping Addon Compatibility: Fixes were done to make the SSO Plugin compatible with the Advanced Role Mapping addon.
  • Updated all CSS and JS Libraries: Updated the versions of all external libraries used in the plugin.
  • Updated .htaccess rules for the root folder: Added .htaccess file to restrict license file for the plugin.
  • Updated cookie creation with a secure parameter: Added the secure parameter for cookies created by the plugin.
  • Redirection behavior after logout for a non-SSO user: A non-SSO user would be redirected to the WP login page after logout from WordPress (this is the default behavior of WordPress).
  • Sending additional parameters with SAML Request: Any additional parameters appended to the SSO endpoint will now be relayed with the SAML Request to the Identity Provider.
  • Metadata Sync Settings: Added an option for enabling metadata sync in the Service Provider Setup tab. An option to add the Metadata URL as well as to choose the sync interval was also provided.
  • Error message on Encryption Certificate Mismatch: Added a proper error message during test configuration as well as SSO if the Encryption Certificate in the plugin and SAML Response mismatches.
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.3: Tested the plugin with WP 6.3 for compatibility.
  • Free Plugin File Configuration Import Error: Importing a configuration file from the free plugin version ( > 5.0.0 ) used to cause a fatal error. Free Plugin Configuration File can now be imported without errors.
  • License verification via WP CLI Error: An Invalid JSON Error was returned when verifying the plugin license via WP CLI. This was fixed and proper data checks were added.
  • SiteGround Hosting Provider Compatibility: SiteGround was pointing out the plugin files as malicious due to obfuscated code. Changes were made to remedy this.
  • Removed unused JQuery : Plugin was including an older version of JQuery which was not required.
  • Not Deleting License Options when plugin deactivated from a subsite: Plugin deleted license related information from all subsites (where plugin was activated) when the premium single site plugin was deactivated from a subsite in a multisite network. This was modifed for a better user experience. Now the options delete only on the subsite where the plugin was deactivated.
  • License Admin Notice Design: The admin dashboard widget as well as admin notice for license expiry includes a link to navigate to plugin settings.
  • License Expiry Date Updation: Plugin would now update the License Expiry Date automatically once in 30 days for a improved user experience.
  • File Inclusion Method: Improved how the plugin includes the files required for functioning. All file paths are included in the plugin using constants now.
  • Adding data type checks for validation: Added validation checks for multiple environments configurations.
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.2: Rolled out fixes for compatibility with WP 6.2.
  • Redesigned Account Info tab: Implemented a new and improved design of the Account Info tab for easier navigation and showing information.
  • Added Error Codes Submenu: Implemented Error Code in the SSO flow, which will be listed in the plugin’s submenu.
  • Updates in Licensing Framework: Fixes and improvements for the plugin licensing.
  • Added Admin Dashboard Widget: Added a dashboard widget that shows the miniOrange account’s email address and license expiry date.
  • Added notices in the plugin: Implemented notices for easier understanding of the plugin’s framework.
IMPROVEMENT
BUGFIX
  • Bootstrap Version: Updated the Bootstrap Version to 5.2.2.
IMPROVEMENT
BUGFIX
  • Fix for license file.
IMPROVEMENT
BUGFIX
  • WordPress 6.1 Compatibility.
  • PHP 8.1 fixes: Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.
  • Import / Export fixes:
    • Fixed error while Importing Environment configurations.
    • SSO Login button and Domain restriction configurations importing successfully.
IMPROVEMENT
BUGFIX
  • Compatibilty with WordPress Scanner.
IMPROVEMENT
BUGFIX
  • Security fixes for Open Redirect Vulnerability.
  • Added proper escaping fixes.
IMPROVEMENT
BUGFIX
  • Added New Certificates.
  • Added Trial Frameworks
IMPROVEMENT
BUGFIX
  • WP 6.3 Compatibility.
  • Added proper error message when wp-config.php is not writable for enabling debug logs.
  • Fix for warning in the list of IDP logos.
IMPROVEMENT
BUGFIX
  • Fix for NetIQ SAML IDP Logo.
  • Fix for x509 certificate in SAML SSO Configurations.
IMPROVEMENT
BUGFIX
  • Vulnerability fix for Broken Access Control in SSO Settings.
IMPROVEMENT
BUGFIX
  • Added additional exception handling checks to enhance the validation of SAML Response.
  • Added Steps to download the paid plugin.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Added new IDPs like Siteminder, VMWare, OpenAthens.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Added new IDPs like Sharepoint, Dynamic CRM, LastPass, Drupal
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 6.2
  • Added iconv encoding issue flow
  • Fixed plugin update using FTP replace
  • Fixed SSO widget title issue
  • Fixed plugin deactivation issue
  • Fixes in debug log functionality
IMPROVEMENT
BUGFIX
  • Added PHPCS fixes.
IMPROVEMENT
BUGFIX
  • Security fix for Open Redirect Vulnerability.
IMPROVEMENT
BUGFIX
  • Fixes in Logger Functionality.
NEW
  • Assertion Time Check: Provided an option in the plugin to disable the time validity check for SAML assertion.
IMPROVEMENT
BUGFIX
  • Browser UI Compatibility: Fixed UI issues for Safari Browser.
  • Removed Bootstrap.js and Popper.js Dependency: Removed dependency from bootstrap.js and popper.js, by adding custom js in the plugin.
  • Custom CSS: Added custom CSS in place of using bootstrap.css library.
  • Images: Converted all the images to .webp format from .png format.
IMPROVEMENT
BUGFIX
  • WordPress 6.1 Compatibility.
  • PHP 8.1 fixes: Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.
  • Import / Export fixes:
    • Fixed error while Importing Environment configurations.
    • SSO Login button and Domain restriction configurations importing successfully.
Trending searches:
Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com