Impact
The EZPZ SAML SP Single Sign On WordPress plugin contains a Cross-Site Request Forgery flaw (CWE-352): its configuration endpoints lack proper CSRF checks, so a malicious form can be submitted to them. Based on the description, it is inferred that a user with sufficient privileges could inject scripting code that is saved in the plugin's settings, resulting in a stored XSS vulnerability. The injected script is rendered whenever the configuration page or related content is displayed, allowing an attacker to steal credentials, hijack sessions, or deface the site, all while operating under the site's own domain and potentially bypassing content-security policies.
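The two controls whose absence produces this CSRF-to-stored-XSS chain, shown in a WordPress settings handler as an added example. This is not the EZPZ SAML SP plugin's code; every `example_sso_*` name, the `idp_entity_id` field and the `example-sso` page slug are hypothetical.

```php
<?php
// Added example for a hypothetical plugin; all example_sso_* names are assumptions.
const EXAMPLE_SSO_OPTION = 'example_sso_idp_entity_id';
const EXAMPLE_SSO_ACTION = 'example_sso_save_settings';
const EXAMPLE_SSO_NONCE  = 'example_sso_nonce';

// Settings page: embeds a nonce in the form and escapes the stored value on output.
function example_sso_render_settings_page() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.' ), '', array( 'response' => 403 ) );
    }
    $value = get_option( EXAMPLE_SSO_OPTION, '' );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="<?php echo esc_attr( EXAMPLE_SSO_ACTION ); ?>">
        <?php
        // Token bound to the logged-in user and this action; a forged
        // cross-site form cannot supply a valid one.
        wp_nonce_field( EXAMPLE_SSO_ACTION, EXAMPLE_SSO_NONCE );
        ?>
        <input type="text" name="idp_entity_id" value="<?php echo esc_attr( $value ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}

// Save handler: authorisation, then CSRF check, then input sanitisation.
function example_sso_save_settings() {
    // 1. Only administrators may change the configuration.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.' ), '', array( 'response' => 403 ) );
    }
    // 2. check_admin_referer() ends the request if the nonce is missing or invalid.
    //    A handler without this step accepts forged submissions.
    check_admin_referer( EXAMPLE_SSO_ACTION, EXAMPLE_SSO_NONCE );

    // 3. Strip markup before storing, so a script payload is never persisted.
    $raw = isset( $_POST['idp_entity_id'] ) ? wp_unslash( $_POST['idp_entity_id'] ) : '';
    update_option( EXAMPLE_SSO_OPTION, sanitize_text_field( $raw ) );

    wp_safe_redirect( admin_url( 'options-general.php?page=example-sso&updated=1' ) );
    exit;
}
add_action( 'admin_post_' . EXAMPLE_SSO_ACTION, 'example_sso_save_settings' );
```

The nonce check stops the forged request, while sanitising on input and escaping on output keep a value that does reach the settings from executing as script.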
Affected Systems
Any WordPress installation that has the Overt Software Solutions LTD EZPZ SAML SP Single Sign On plugin at version 1.2.5 or earlier is affected. This includes all sites that have installed that plugin without upgrading to 1.2.6 or later.
Risk and Exploitability
The CVSS base score of 7.1 indicates a moderately high severity. The EPSS score of less than 1% suggests that active exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalog. Exploitation generally requires an attacker to trick a privileged user, such as a site administrator, into submitting a forged request, or to lure a normal visitor into clicking a link that triggers the CSRF vector. Once the malicious script is stored, it will run for all subsequent site visitors, enabling credential theft, session hijacking, or website defacement.