SAML Replay Attack
Hello Team,
In our application we are using the WP SAML Auth plugin (v2.3.0) for SSO login and have integrated it with the ACME (IdP) provider. The recent scan reported a potential SAML Replay Attack vulnerability in our application. Could you please advise whether this issue needs to be addressed on the ACME (IdP) side or within our application?
Please find the issue details below:
Issue Details:
A SAML replay attack occurs when an attacker captures a legitimate SAML assertion issued by an identity provider and submits that assertion again to a service provider in order to impersonate the original user. The attacker does not need to alter the assertion, because simply replaying a valid assertion within its validity window can allow authentication as the user if the service provider does not enforce assertion uniqueness, strict timestamp checks, audience restrictions, or proper signature validation. Replay attacks typically happen when assertions are exposed in transit, stored in logs, or available to malware on the user device.
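As an added illustration (not code from the post or from the WP SAML Auth plugin), the following Python shows the service-provider-side checks the issue text names against a replayed assertion: assertion-ID uniqueness, the NotBefore/NotOnOrAfter window with clock-skew tolerance, and the audience restriction. The SP entity ID, the 60-second skew and the sample assertion are constructed, and XML signature verification is assumed to have run before this function is called.

```python
"""Service-provider-side replay checks for a SAML assertion (added example)."""
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SP_ENTITY_ID = "https://sp.example.test/metadata"  # constructed SP entity ID
CLOCK_SKEW = timedelta(seconds=60)  # assumed tolerance for IdP/SP clock drift

def parse_utc(value):
    """Parse a SAML UTC timestamp such as 2024-01-01T12:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

class ReplayCache:
    """Remembers assertion IDs until NotOnOrAfter (plus skew) has passed; a live ID seen twice is a replay."""
    def __init__(self):
        self._seen = {}  # assertion ID -> NotOnOrAfter

    def check_and_record(self, assertion_id, not_on_or_after, now):
        # IDs past their window can no longer be accepted anyway, so forget them.
        self._seen = {i: t for i, t in self._seen.items() if t + CLOCK_SKEW > now}
        if assertion_id in self._seen:
            return False
        self._seen[assertion_id] = not_on_or_after
        return True

def validate_assertion(xml_text, cache, now):
    """Return (accepted, reason). XML signature verification is assumed to have run before this."""
    assertion = ET.fromstring(xml_text)
    cond = assertion.find("saml:Conditions", NS)
    if cond is None or not assertion.get("ID"):
        return False, "missing Conditions or ID"
    not_before = parse_utc(cond.get("NotBefore"))
    not_on_or_after = parse_utc(cond.get("NotOnOrAfter"))
    if now + CLOCK_SKEW < not_before:
        return False, "assertion not yet valid"
    if now - CLOCK_SKEW >= not_on_or_after:
        return False, "assertion expired"
    audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if SP_ENTITY_ID not in audiences:
        return False, "audience mismatch"
    if not cache.check_and_record(assertion.get("ID"), not_on_or_after, now):
        return False, "replayed assertion ID"
    return True, "accepted"

SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-id-1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example.test/metadata</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions></saml:Assertion>"""  # constructed, unsigned, minimal sample
```

Submitting the same assertion a second time while it is still inside its window returns "replayed assertion ID", which is the case the scanner is describing; an assertion whose window has closed is rejected on the timestamp check before the cache is consulted.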