The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-06-05T04:32:25.171Z
Updated: 2024-06-05T04:32:25.171Z
Reserved: 2024-05-20T18:19:39.520Z
Link: CVE-2024-5149
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-06-05T05:15:50.260
Modified: 2024-06-06T14:15:01.960
Link: CVE-2024-5149
JSON object: View
Redhat Information
No data.
CWE