First published: Wed Jun 05 2024(Updated: )
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification.
Credit: security@wordfence.com
Affected Software | Affected Version | How to fix |
---|---|---|
Themekraft Buddyforms | <=2.8.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.