CVE-2026-5229

CRITICAL 9.8

Receive Notifications After Form Submitting – Form Notify for Any Forms <= 1.1.10 - Unauthenticated Authentication Bypass via LINE OAuth Callback

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email address (which is common), the plugin falls back to reading the 'form_notify_line_email' cookie value without verifying that the LINE account is associated with that email address. This makes it possible for unauthenticated attackers to gain access to any user account on the site, including administrator accounts, by completing a LINE OAuth flow with their own LINE account while injecting a malicious cookie containing the target victim's email address.

CWE	CWE-287
Vendor	m615926
Product	receive notifications after form submitting – form notify for any forms
Published	May 15, 2026

Stay Ahead of the Next One

Get instant alerts for m615926 receive notifications after form submitting – form notify for any forms

Be the first to know when new critical vulnerabilities affecting m615926 receive notifications after form submitting – form notify for any forms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

m615926 / Receive Notifications After Form Submitting – Form Notify for Any Forms

0 ≤ 1.1.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

Credits

Nabil Irawan