cleantalk
Vulnerabilities and Security Researches

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions , CVE-2025-62973

CVE, Research URL

CVE-2025-62973

Home page URL

Security reports for Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions

Application

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions

Published on
Oct 27, 2025
Research Description
Missing Authorization vulnerability in Themekraft BuddyForms buddyforms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BuddyForms: from n/a through <= 2.9.0.
Affected versions
max 2.9.0.
Status
vulnerable
Previous vulnerability researches
Outdoor (CVE-2023-29236) , Jun 10, 2024
Outdoor (CVE-2025-10743) , Nov 11, 2025
Outdooractive Embed (CVE-2024-11774) , Dec 21, 2024
New vulnerability
Master Blocks &#8211; Ultimate Gutenberg Blocks for Marketers (CVE-2025-10896) , Nov 11, 2025
Reuse Builder (CVE-2025-11812) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-11823) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-12493) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8606) , Nov 11, 2025