CVE-2025-10753 identifies a missing authorization vulnerability (CWE-862) in the OAuth Single Sign On – SSO (OAuth Client) WordPress plugin developed by cyberlord92. The vulnerability exists in all versions up to and including 6.26.14. Specifically, the issue lies in the OAuth redirect functionality accessible via the 'oauthredirect' option parameter. The plugin fails to perform necessary capability checks and authentication verification when processing the redirect_url parameter, which controls the global redirect URL setting. As a result, an unauthenticated attacker who can access the WordPress site directly can manipulate this parameter to set or change the global redirect URL. This unauthorized modification can be leveraged to redirect users to attacker-controlled sites during the OAuth authentication flow, facilitating phishing attacks or session hijacking attempts. The CVSS v3.1 score is 5.3 (medium severity), reflecting that the attack vector is network-based, requires no privileges or user interaction, and impacts integrity but not confidentiality or availability. No patches or known exploits are currently available, but the vulnerability is publicly disclosed and assigned by Wordfence. The flaw compromises the integrity of the OAuth redirection mechanism, undermining trust in the authentication process and potentially exposing users to social engineering or credential theft risks.

For European organizations, this vulnerability poses a moderate risk primarily to the integrity of their authentication processes. Organizations using the affected OAuth Single Sign On plugin on WordPress sites may have their OAuth redirect URLs altered without authorization, potentially redirecting users to malicious sites. This can lead to phishing attacks, credential theft, or session hijacking, undermining user trust and potentially causing reputational damage. Although confidentiality and availability are not directly impacted, the indirect consequences of compromised authentication flows can be severe, especially for organizations handling sensitive data or critical services. The ease of exploitation (no authentication or user interaction required) increases the likelihood of attacks, particularly against public-facing WordPress sites. European sectors with high reliance on OAuth SSO for internal or customer-facing applications—such as finance, healthcare, and government—may face increased risks. Additionally, organizations with compliance obligations under GDPR must consider the potential data protection implications of unauthorized redirect manipulations leading to phishing or data exposure.

1. Monitor the plugin vendor’s official channels for security patches addressing CVE-2025-10753 and apply updates immediately upon release. 2. Until a patch is available, restrict access to the WordPress admin area and any endpoints handling the 'oauthredirect' option parameter using web application firewalls (WAFs) or IP whitelisting to prevent unauthorized access. 3. Implement strict input validation and sanitization on parameters controlling redirect URLs to prevent injection of malicious URLs. 4. Review and harden OAuth SSO configurations, ensuring redirect URLs are fixed and not dynamically modifiable by unauthenticated users. 5. Conduct regular security audits and penetration tests focusing on authentication flows and plugin vulnerabilities. 6. Educate users and administrators about phishing risks stemming from manipulated OAuth redirects and encourage vigilance. 7. Consider deploying multi-factor authentication (MFA) to mitigate risks from compromised credentials due to phishing. 8. Monitor logs for unusual changes to OAuth redirect settings or unexpected redirect behaviors.