CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2026-5229 — The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in v...

·Source: NIST NVD

Updated:

Executive Summary

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email address (which is common), the plugin falls back to reading the 'form_notify_line_email' cookie value witho

Analysis

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email address (which is common), the plugin falls back to reading the 'form_notify_line_email' cookie value without verifying that the LINE account is associated with that email address. This makes it possible for unauthenticated attackers to gain access to any user account on the site, including administrator accounts, by completing a LINE OAuth flow with their own LINE account while injecting a malicious cookie containing the target victim's email address. CVSS Score: 9.8. Published: 2026-05-15T09:16:16.690.

Indicators of Compromise (1)

CVE (1)
CVE-2026-5229
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on May 15, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Colorado governor commutes prison sentence for election denier Tina Peters

Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months. The post Colorado governor commutes prison sentence for election denier Tina Peters appeared first on CyberScoop .

CyberScoop
MEDIUMVulnerability

More than $10 million stolen from crypto platform THORChain

THORChain officials said the investigation into the incident is ongoing but explained that one of their six vaults was compromised, leading to a loss of about $10.7 million.

The Record
CRITICALVulnerability

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [...]

BleepingComputer