CVE-2026-5229— Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-5229
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email address (which is common), the plugin falls back to reading the 'form_notify_line_email' cookie value without verifying that the LINE account is associated with that email address. This makes it possible for unauthenticated attackers to gain access to any user account on the site, including administrator accounts, by completing a LINE OAuth flow with their own LINE account while injecting a malicious cookie containing the target victim's email address.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| m615926 | Receive Notifications After Form Submitting – Form Notify for Any Forms | 0 ~ 1.1.10 | - |
II. Public POCs for CVE-2026-5229
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-5229
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-287
- CVE-2026-44551
Open WebUI: LDAP Empty Password Authentication Bypass - CVE-2026-8621
Crabbox < v0.12.0 Authentication Bypass via Header Spoofing - CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulne - CVE-2026-8181
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to - CVE-2026-44351
fast-jwt: Empty HMAC secret accepted via async key resolver
V. Comments for CVE-2026-5229
No comments yet