PT-2026-41273 · WordPress · Form Notify

Nabil Irawan

·

Published

2026-05-15

·

Updated

2026-05-15

·

CVE-2026-5229

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Form Notify versions prior to 1.1.11
Description The Form Notify plugin for WordPress allows authentication bypass because it trusts user-controlled cookie data to determine the WordPress account to authenticate following a LINE OAuth login. If LINE does not provide an email address, the plugin uses the value of the form notify line email cookie without verifying the association between the LINE account and that email. This allows unauthenticated attackers to gain access to any user account, including administrator accounts, by completing a LINE OAuth flow with their own account while injecting a cookie containing the target victim's email address.
Recommendations Update the plugin to a version later than 1.1.10.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-5229

Affected Products

Form Notify