cleantalk
Vulnerabilities and Security Researches

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions , CVE-2025-62973

CVE, Research URL

CVE-2025-62973

Home page URL

Security reports for Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions

Application

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions

Published on
Oct 27, 2025
Research Description
Missing Authorization vulnerability in Themekraft BuddyForms buddyforms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BuddyForms: from n/a through <= 2.9.0.
Affected versions
max 2.9.0.
Status
vulnerable
Previous vulnerability researches
Simple User Registration (CVE-2025-4334) , Jun 27, 2025
Simple User Registration (CVE-2024-53810) , Dec 08, 2024
Simple User Registration (CVE-2025-53428) , Nov 11, 2025
Simple User Registration (CVE-2024-49604) , Oct 22, 2024
New vulnerability
Master Blocks &#8211; Ultimate Gutenberg Blocks for Marketers (CVE-2025-10896) , Nov 11, 2025
Reuse Builder (CVE-2025-11812) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-11823) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-12493) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8606) , Nov 11, 2025