Search Results :

×

Version 20.1.2

 May 16, 2024

Version 20.1.1

 January 01, 2024

Version 20.1.0

 July 24, 2023

Version 20.0.9

 February , 2023

Version 20.0.8

 November 14, 2022

Version 20.0.7

 September 29, 2022

Version 20.0.6

 June 22, 2022

Version 20.0.5

 February 08, 2022

Version 20.0.4

 November 23, 2021

Version 20.0.3

 November 16, 2021

Version 20.0.2

 April 09, 2021

Version 20.0.1

 November 26, 2020

Version 25.1.9

 May 08, 2024

Version 25.1.8

 March 29, 2024

Version 25.1.7

 February 20, 2024

Version 25.1.6

 January 24, 2024

Version 25.1.5

 January 05, 2024

Version 25.1.4

 January 01, 2024

Version 25.1.3

 December 15,2023

Version 25.1.2

 August 21, 2023

Version 25.1.1

 June 14, 2023

Version 25.1.0

 June 12, 2023

Version 25.0.9

 November 25, 2022

Version 25.0.8

 September 22, 2022

Version 25.0.7

 September 17, 2022

Version 25.0.6

 August 04, 2022

Version 25.0.5

 February 09, 2022

Version 25.0.4

 November 23, 2021

Version 25.0.3

 November 12, 2021

Version 25.0.2

 July 26, 2021

Version 25.0.1

 November 26, 2020

Version 12.2.3

 December 11, 2023

Version 12.2.2

 November 11, 2023

Version 12.2.1

 November 9, 2023

Version 12.2.0

 October 31, 2023

Version 12.1.9

 October 18, 2023

Version 12.1.8

 October 11, 2023

Version 12.1.7.1

 September 15, 2023

Version 12.1.7

 September 8, 2023

Version 12.1.6

 August 31, 2023

Version 12.1.5

 May 22, 2023

Version 12.1.4

 February 03, 2023

Version 12.1.3

 January 11, 2023

Version 12.1.2

 January 10, 2023

Version 12.1.1

 November 14, 2022

Version 12.1.0

 September 22, 2022

Version 12.0.9

 August 30, 2023

Version 5.0.7

Version 5.0.6

Version 5.0.5

Version 5.0.4

Version 5.0.3

Version 5.0.2

Version 5.0.1

Version 5.0.0

 January 4, 2023

Version 4.9.32

 January 4, 2023

Version 4.9.31

 January 4, 2023

Version 4.9.30

 January 4, 2023

Version 4.9.29

 January 2023
NEW
  • Sync Only Certificate from Metadata: Added an option in the Metadata Sync section to sync only certificates from the metadata.
IMPROVEMENT
BUGFIX
  • New and Improved Design of the Service Provider Setup tab: Redesigned the user interface of the 'Service Provider Setup' tab within the plugin to show a list of the configured IDPs. Added bulk options as well as IDP status.
  • Improved the Certificate Update flow: Added the corrected steps to update the plugin to update to the latest certificate.
  • Added warnings for required PHP extensions: Improved the warnings to display errors in case of a missing PHP extension. Handled all cases of error messages.
  • Improved the Metadata Sync functionality:
    • Added notices to notify that manual configuration would be overridden if sync is enabled.
    • Separated the Metadata Sync section in the SP Setup tab.
    • Added a Sync Now button.
  • Implemented PHP Coding Standards: Added PHP CS fixes as required in the plugin.
  • Improved import of plugin configuration: Added check for required fields in the configuration file. Also added validation for the values of the configuration file.
  • Other UI improvements.
IMPROVEMENT
BUGFIX
  • Default Role Assignment Issue: Fixed default role assignment for existing users when role mapping is not configured.
  • Assigning None Role to Existing Users: Resolved issue of existing users being assigned no role.
  • Minor Bug fixes.
IMPROVEMENT
BUGFIX
  • Resolved the Issue of Default Role Assignment: Resolved a bug where after upgrading to 12.2.0 version, all users were assigned the default role.
NEW
  • Assertion Time Validation: This features decides whether to check the time validity of SAML Assertion for SSO login.
IMPROVEMENT
BUGFIX
  • Redesigned Role Mapping: Revamped the user interface of the 'Attribute/Role Mapping' tab within the plugin, introducing improvements for a more intuitive and user-friendly experience, accompanied by comprehensive documentation to guide users through the enhanced features and functionalities.
  • Improvements in Account Info Tab: Revamped the Account info tab by adding functionalities such as view your licence keys button, revamped user interface for the licence expiry notice reflecting the remaining days, updated FAQ’s content, etc.
  • Improvements for file paths: Used WordPress functions for file paths instead of PHP functions.
  • Reduce DB calls in SAML Response Flow: Improved the plugin performance as well as code by Reducing/Removing the unwanted database calls from the SAML Response flow.
NEW
  • Plugin Update via WP CLI: Added new functionality to update the plugin to its latest version by using this command: wp saml update.
  • Attribute Mapping for WP Nickname: Added updating the WP user's nickname during SSO based on their attributes received inthe SAML Response from the Identity Provider.
  • Do not update Existing User's Display Name: Added a new feature which prevents updating the existing user’s display name. All other attributes would be updated as per the attribute mapping configured.
  • Implemented an SSO User Tag for users logging in via SSO: Added a new feature that adds an SSO user tag for users logging in via SSO.This feature is useful if you want to differentiate between users logging in via WordPress and those logging in via SSO.
IMPROVEMENT
BUGFIX
  • Customize SSO login button Hook: A hook is added to customize the SSO login button. Now, it is possible to add icon, custom CSS, etc. on the SSO login button.
  • Exception Handling and Error Codes in the SSO Flow: Added Error Codes for the SSO Login Flow in the plugin to help identify issues during SSO more effectively. This ensures that errors and issues encountered during the authentication process are appropriately managed.
  • Optimizations for plugin size: Reduce the size of the plugin by compressing the images through converting into SVG format.
  • Keep Settings Intact Default: To eliminate the need for manually enabling the Keep setting intact toggle, we've enabled this option automatically upon plugin activation.
  • Certificate Mismatch Iconv Encoding Resolution: We have improved the certificate mismatch error to list the exact steps needed to address the Certificate Mismatch error caused by Iconv encoding.
  • Import NameID Format from Metadata: Now the NameID format value would be fetched into the plugin settings from Identity Provider Metadata during import or metadata sync.
  • Test Configuration Access restriction: The test configuration endpoint will now be accessible to only administrators in WordPress.
  • Licensing Plans Link: We have removed the licensing plan from the plugin and added a link to the licensing plans page on our site to provide a smoother and uniform experience.
  • Code improvement for DB Options: We improved the plugin code by changing the DB options into constants.
  • Minor Bug Fixes.
NEW
  • Plugin Update via WP CLI: Added new functionality to update the plugin to its latest version by using this command: wp SAML update.
  • Attribute Mapping for WP Nickname: Added updating the WP user's nickname during SSO based on their attributes received inthe SAML Response from the Identity Provider.
  • Do not update Existing User's Display Name: Added a new feature which prevents updating the existing user’s display name. All other attributes would be updated as per the attribute mapping configured.
  • Implemented an SSO User Tag for users logging in via SSO: Added a new feature that adds an SSO user tag for users logging in via SSO.This feature is useful if you want to differentiate between users logging in via WordPress and those logging in via SSO.
  • Customize SSO login button Hook: A hook is added to customize the SSO login button. Now, it is possible to add icon, custom CSS, etc. on the SSO login button.
  • Exception Handling and Error Codes in the SSO Flow: Added Error Codes for the SSO Login Flow in the plugin to help identify issues during SSO more effectively. This ensures that errors and issues encountered during the authentication process are appropriately managed.
  • Optimizations for plugin size: Reduce the size of the plugin by compressing the images through converting into SVG format.
  • Keep Settings Intact Default: To eliminate the need for manually enabling the Keep setting intact toggle, we've enabled this option automatically upon plugin activation.
  • Certificate Mismatch Iconv Encoding Resolution: We have improved the certificate mismatch error to list the exact steps needed to address the Certificate Mismatch error caused by Iconv encoding.
  • Import NameID Format from Metadata: Now the NameID format value would be fetched into the plugin settings from Identity Provider Metadata during import or metadata sync.
  • Test Configuration Access restriction: The test configuration endpoint will now be accessible to only administrators in WordPress.
  • Licensing Plans Link: We have removed the licensing plan from the plugin and added a link to the licensing plans page on our site to provide a smoother and uniform experience.
  • Code improvement for DB Options: We improved the plugin code by changing the DB options into constants.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Accepting SAML Response without Audience URI: Relaxed the Audience Restriction check.
  • Resolved warning on plugin’s update page: No warning in the debug log when the customer checks for any new updates of the plugin.
  • Resolved Metadata Sync for empty Metadata URL: No warning in the debug log when the customer checks for any new updates of the plugin.
  • Added custom CSS for the Admin Dashboard widget: Not loading CSS on every page of the site.
  • Added a proper error message for invalid XMLIn case of an invalid XML in the form of a string. The proper message is displayed.
IMPROVEMENT
BUGFIX
  • PHP 8.2 Compatibility: Tested the plugin with PHP 8.2 for compatibility.
  • DOS Attack Vulnerability fix: Also known as Entity Expansion Attack, the attack causes growth in resource requirements by simply repeating a large entity over and over again. The quadratic blowup variation can also cause quadratic growth in resources. To prevent this, additional checks were added to handle an invalid XML or an XML that has infinite entities referenced in it. This protects from a DOS attack.
  • Replay Attack Vulnerability fixA replay attack can occur when a valid SAML Response is posted on the site by an attacker within the assertion time validity. This was fixed so that unauthorized access could be prevented.
  • Alpine Linux environments iconv Warning: Alpine Linux environments do not support the CP-1252 encoding in iconv function and hence throw a function undefined warning when the iconv toggle is enabled. This was handled so that warnings were not visible on the front end.
  • User session terminated Warning: A warning was thrown when the user session is already terminated on logout. This was handled such that the Single Logout is not performed once the user session is already terminated.
  • Advanced Role Mapping Addon Compatibility: Fixes were done to make the SSO Plugin compatible with the Advanced Role Mapping addon.
  • Updated all CSS and JS Libraries: Updated the versions of all external libraries used in the plugin.
  • Updated .htaccess rules for the root folder: Added .htaccess file to restrict license file for the plugin.
  • Updated cookie creation with a secure parameter: Added the secure parameter for cookies created by the plugin.
  • Redirection behavior after logout for a non-SSO user: A non-SSO user would be redirected to the WP login page after logout from WordPress (this is the default behavior of WordPress).
  • Sending additional parameters with SAML Request: Any additional parameters appended to the SSO endpoint will now be relayed with the SAML Request to the Identity Provider.
  • Metadata Sync Settings: Added an option for enabling metadata sync in the Service Provider Setup tab. An option to add the Metadata URL as well as to choose the sync interval was also provided.
  • Error message on Encryption Certificate Mismatch: Added a proper error message during test configuration as well as SSO if the Encryption Certificate in the plugin and SAML Response mismatches.
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.3: Tested the plugin with WP 6.3 for compatibility.
  • Free Plugin File Configuration Import Error: Importing a configuration file from the free plugin version ( > 5.0.0 ) used to cause a fatal error. Free Plugin Configuration File can now be imported without errors.
  • License verification via WP CLI Error: An Invalid JSON Error was returned when verifying the plugin license via WP CLI. This was fixed and proper data checks were added.
  • SiteGround Hosting Provider Compatibility: SiteGround was pointing out the plugin files as malicious due to obfuscated code. Changes were made to remedy this.
  • Removed unused JQuery : Plugin was including an older version of JQuery which was not required.
  • Not Deleting License Options when plugin deactivated from a subsite: Plugin deleted license related information from all subsites (where plugin was activated) when the premium single site plugin was deactivated from a subsite in a multisite network. This was modifed for a better user experience. Now the options delete only on the subsite where the plugin was deactivated.
  • License Admin Notice Design: The admin dashboard widget as well as admin notice for license expiry includes a link to navigate to plugin settings.
  • License Expiry Date Updation: Plugin would now update the License Expiry Date automatically once in 30 days for a improved user experience.
  • File Inclusion Method: Improved how the plugin includes the files required for functioning. All file paths are included in the plugin using constants now.
  • Adding data type checks for validation: Added validation checks for multiple environments configurations.
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.2: Rolled out fixes for compatibility with WP 6.2.
  • Redesigned Account Info tab: Implemented a new and improved design of the Account Info tab for easier navigation and showing information.
  • Added Error Codes Submenu: Implemented Error Code in the SSO flow, which will be listed in the plugin’s submenu.
  • Updates in Licensing Framework: Fixes and improvements for the plugin licensing.
  • Added Admin Dashboard Widget: Added a dashboard widget that shows the miniOrange account’s email address and license expiry date.
  • Added notices in the plugin: Implemented notices for easier understanding of the plugin’s framework.
IMPROVEMENT
BUGFIX
  • Bootstrap Version: Updated the Bootstrap Version to 5.2.2.
IMPROVEMENT
BUGFIX
  • Fix for license file.
IMPROVEMENT
BUGFIX
  • WordPress 6.1 Compatibility.
  • PHP 8.1 fixes: Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.
  • Import / Export fixes:
    • Fixed error while Importing Environment configurations.
    • SSO Login button and Domain restriction configurations importing successfully.
IMPROVEMENT
BUGFIX
  • Compatibilty with WordPress Scanner.
IMPROVEMENT
BUGFIX
  • Security fixes for Open Redirect Vulnerability.
  • Added proper escaping fixes.
IMPROVEMENT
BUGFIX
  • Added New Certificates.
  • Added Trial Frameworks
IMPROVEMENT
BUGFIX
  • WP 6.3 Compatibility.
  • Added proper error message when wp-config.php is not writable for enabling debug logs.
  • Fix for warning in the list of IDP logos.
IMPROVEMENT
BUGFIX
  • Fix for NetIQ SAML IDP Logo.
  • Fix for x509 certificate in SAML SSO Configurations.
IMPROVEMENT
BUGFIX
  • Vulnerability fix for Broken Access Control in SSO Settings.
IMPROVEMENT
BUGFIX
  • Added additional exception handling checks to enhance the validation of SAML Response.
  • Added Steps to download the paid plugin.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Added new IDPs like Siteminder, VMWare, OpenAthens.
  • Minor Bug Fixes.
IMPROVEMENT
BUGFIX
  • Added new IDPs like Sharepoint, Dynamic CRM, LastPass, Drupal
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 6.2
  • Added iconv encoding issue flow
  • Fixed plugin update using FTP replace
  • Fixed SSO widget title issue
  • Fixed plugin deactivation issue
  • Fixes in debug log functionality
IMPROVEMENT
BUGFIX
  • Added PHPCS fixes.
IMPROVEMENT
BUGFIX
  • Security fix for Open Redirect Vulnerability.
IMPROVEMENT
BUGFIX
  • Fixes in Logger Functionality.
NEW
  • Assertion Time Check: Provided an option in the plugin to disable the time validity check for SAML assertion.
IMPROVEMENT
BUGFIX
  • Browser UI Compatibility: Fixed UI issues for Safari Browser.
  • Removed Bootstrap.js and Popper.js Dependency: Removed dependency from bootstrap.js and popper.js, by adding custom js in the plugin.
  • Custom CSS: Added custom CSS in place of using bootstrap.css library.
  • Images: Converted all the images to .webp format from .png format.
IMPROVEMENT
BUGFIX
  • WordPress 6.1 Compatibility.
  • PHP 8.1 fixes: Fixed PHP TypeError arising due to passing non-array values in PHP Array functions.
  • Import / Export fixes:
    • Fixed error while Importing Environment configurations.
    • SSO Login button and Domain restriction configurations importing successfully.
NEW
  • Added the compatibility with WordPress 6.5
  • Added the compatibility with Guest User login Add-on
  • Added the warnings for required PHP extensions
  • Added the option to validate the assertion time of the SAML Response
  • Added the option to have IDP-specific Login relay state and Logout relay state
  • Added the certificate sync option from the IDP Metadata
  • Added the error codes for the case of failed SSO
  • Added the filter for the Role Mapping flow
  • Added the version number with the plugin heading
IMPROVEMENT
BUGFIX
  • Fixed the import-export feature for the Multiple Environment Configuration
  • Fixed the displayed warning on invalid metadata file import
  • Fixed the redirection flow for users after the logout
  • Improved customization of the Single Sign-On (SSO) Button displayed on the login page
  • Improved the UI of the SSO Links Section
  • Removed non-admin user access from the test configuration endpoint
NEW
  • Added Multiple Environment Feature for configuring plugin settings for all environments (dev, test, production).
  • Added Metadata customization feature allowing admin to input Organization Name, Email Address, and Organization URL in the Service Provider Metadata.
  • Added compatibility for the IP based Redirection to IDP feature.
IMPROVEMENT
BUGFIX
  • Fixed the compatibility issues with WP Smart Manager plugin.
  • Fixed invalid trigger of email updated notifications to users during SAML Authentication.
  • Fixed the base64_Decode issue of the Wordfence scanner.
  • Fixed the compatibility issues with 3rd party plugins or themes which use Utilites class name.
NEW
  • Added compatibility fixes for PHP 8.2
  • Added confirmation screen for resetting mapping configuration
IMPROVEMENT
BUGFIX
  • Fixed HTTP Post binding issue with RSS feed
  • Fixed Validations issues through out the plugin
  • Fixed support email address through out the plugin
  • Fixed Domain Mapping issues
  • Fixed incorrect warning messages while configuring Service Provider Setup tab
  • Minor fixes related to components text and placement
  • Improved default IDP assignment flow
  • Modified allowed characters for adding Identity Provider name
  • Updated metadata contact information
IMPROVEMENT
BUGFIX
  • Fixed backdoor URL issue
  • Fixed Single Logout Request using POST binding
  • Fixed Vulnerabilities for XML parsing, insecure cookie creation, replay attack, exposed license file and SAML Request/Response jQuery
  • Fixed iconv warning on Linux Environments
  • Fixed metadata sync issue for default values
  • Fixed redirection loop issue from WordPress login page
  • Fixed invalid license issue on WordPress multisite environment
IMPROVEMENT
BUGFIX
  • Fixes in the Upgrade Notice
  • Updates in the Licensing Framework
IMPROVEMENT
BUGFIX
  • Fixes for Shortcode functionality
  • Fixes for Auto-Redirection functionality when users are logged-in
NEW
  • Added Error Codes Submenu
  • Added Admin Dashboard Widget
  • Added notices in the plugin
IMPROVEMENT
BUGFIX
  • WordPress 6.4 Compatibility
  • Redesigned Account Info tab
  • Updates in Licensing Framework
NEW
  • Added proper error messages on failed domain mapping
  • Added error handling for max execution time on metadata upload
IMPROVEMENT
BUGFIX
  • WordPress 6.3 Compatibility
  • Fixed multiple roles assignment bug
  • Fixed attribute key assigned if value attribute empty
  • Modified the order of wp_login hook in the plugin
  • Removed extra Identity Provider Name field in plugin settings
  • Compatibility fixes for SiteGround hosting provider
IMPROVEMENT
BUGFIX
  • Bug fix for encrypted SAML Responses
  • Fixes for auto-redirect functionality
NEW
  • Added IDP specific shortcode
IMPROVEMENT
BUGFIX
  • WordPress 6.2 Compatibility
  • PHP 8.1 Fixes
  • UI and bug fixes
NEW
  • Added RSS feed feature
  • Added IDP selector UI
  • Added Azure multitenant compatibility
  • Added Password Reset flow for Azure B2C
IMPROVEMENT
BUGFIX
  • WordPress 6.1 Compatibility
  • Updated bootstrap version to 5.1.3
  • Updated the Licensing Plan Page
  • Fixed Single Logout for all WordPress versions
  • Fixed issue with IDP-initiated SLO
  • Fixed the redirect to Wordpress login page feature
  • Fixed the redirect-loop issue for public page url
  • Fixed issue with displaying custom attributes in user menu for a new user after SSO
  • Fixed RelayState URL for SSO links
  • Fixed issue in color picker and position of SSO login button
  • Fixed the auto-selection of default idp
  • Some bug fixes
IMPROVEMENT
BUGFIX
  • XSS Vulnerability fixes for malformed SAML Response in Test Configuration flow
  • Wordfence Compatibility Fixes
IMPROVEMENT
BUGFIX
  • Added compatibility fixes with WP SAML IDP plugin
  • Minor bug fix
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 6.0
  • Fixed Domain Mapping issue for Disabled IDPs
  • Updated SAML handbook links
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 5.9
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 5.8
  • Minor UI Fixes
NEW
  • Added new Certificate for Signing and Encryption
IMPROVEMENT
BUGFIX
  • Bug fixes
IMPROVEMENT
BUGFIX
  • Fixed XSS Vulnerability (CVE-2020-6850)
  • Updated xmlseclibs(Added support for Shibboleth encryption algorithm)
  • Bug fixes: Cron fixes for blank IDP bug
  • Fixed upload metadata issues with Federated Identities(Haka)
  • Compatibility with WordPress 5.8
IMPROVEMENT
BUGFIX
  • Updated SP Certificate
  • Compatibility with WordPress 5.6
  • Bug fixes
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.5
  • Updates in Licensing Framework
  • Fixed an XSS Vulnerability
  • Fixed an issue with the subsites SSO for subdomain multisite installation
NEW
  • Added Admin Dashboard Widget
  • Added Error Codes Submenu
  • Added notices in the plugin
  • Compatibility with WP 6.4
  • Redesigned Account Info tab
  • Updates in Licensing Framework
NEW
  • Compatibility with siteground hosting
IMPROVEMENT
BUGFIX
  • Compatibility with WP 6.2
IMPROVEMENT
BUGFIX
  • Updated XML Security Library
  • Compatibility with WP 6.1
  • Fixes for PHP 8.1
  • Fixes in Single Logout flow
IMPROVEMENT
BUGFIX
  • Compatibility with Wordfence Scanner
IMPROVEMENT
BUGFIX
  • Vulnerability fix for malformed SAML Response
  • Security fix for open redirect vulnerability
  • Modified .htaccess rules
  • Updated handbook links
  • Fixed an issue with the subsites list for more than 500 subsites
  • Fixed apply certificate button
NEW
  • Added IDP selector UI
  • Added Add-ons tabs
  • Added check for archived and deleted subsites for license verification
IMPROVEMENT
BUGFIX
  • Added Compatibility with WordPress 6.0
  • Updated licensing plans
  • Updated bootstrap version to 5.1.3
  • Fixed Single Logout for different WordPress versions
  • Fixed an issue with color picker for the Custom login button
  • Fixed access restriction for the resource files
IMPROVEMENT
BUGFIX
  • Compatibility fixes for WordPress 5.9
IMPROVEMENT
BUGFIX
  • Compatibility with WordPress 5.8
  • Minor UI Fixes
NEW
  • Added new x509 certifcate for Signing and Encryption
IMPROVEMENT
BUGFIX
  • Minor bug fixes
IMPROVEMENT
BUGFIX
  • Compatible with PHP8
  • Compatible with WordPress 5.7
  • Import Metadata Fix
  • Vulnerability fixes
NEW
  • New Certificate for Signing and Encryption
IMPROVEMENT
BUGFIX
  • Compatible with WordPress 5.6
  • Vulnerability fixes
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com