Issue with Social Login Plugin and Google Login – Security Concern Highlighted by Patchstack

Dear OneAll Support Team,

I am experiencing a critical issue with the Social Login plugin for WordPress. Users attempting to log in via Google are unable to proceed successfully. The error message that appears during login reads as follows:
"[Insert the exact error message displayed during login]".

Additionally, I have come across a recent security advisory on Patchstack (https://patchstack.com/database/vulnerability/oa-social-login/wordpress-social-login-plugin-5-9-0-authentication-bypass-vulnerability), which states that versions of the plugin <= 5.9.0 are vulnerable to a privilege escalation issue. The advisory indicates this as a high-priority concern with no official fix currently available.

Could you please:

Confirm if the issue with Google login is related to this vulnerability?
Provide a timeline or update on when this vulnerability will be addressed?
Suggest any immediate actions we can take to ensure security while maintaining the functionality of the plugin for our users?
This issue is urgent as it affects both the security and usability of our website. I look forward to your prompt response and guidance on how to proceed.

    Welcome!

    Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

    Please click on the link below to connect to the forum with your OneAll account.