-
Eating our own dog food!
We have updated our website WordPress + Azure AD / Microsoft Office 365 and made it easier for you to log in using our brand new Azure AD B2C tenant. So what did change? You can still access your account to manage your details, subscriptions, licenses and download purchased items at https://www.wpo365.com/your-account/. But now you will note that we automatically…
-
URGENT: nOAuth, or how an OpenID Connect misconfiguration can lead to full account takeover
If you have enabled support for multi-tenant authentication for your registered application in Azure AD then please read the following information carefully. The Descope security team discovered a gray area in Microsoft Azure AD multi-tenant OAuth applications that could lead to full account takeover. Please compare your configuration with the example below, if you are not sure whether…
-
URGENT: WPO365 | LOGIN plugin v23.0 will prevent WordPress from checking for plugin updates
If you already installed version 23.0 of the WPO365 | LOGIN plugin, then please read the following information very carefully. A severe issue with the WPO365 | LOGIN plugin v23.0 will prevent WordPress from checking for plugin updates. This does not only affect the WPO365 plugins, but all installed WordPress plugins. As a result, you do not…
