CVE Vulnerabilities

CVE-2026-11883

Published: Jul 01, 2026 | Modified: Jul 01, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

The WebAuthn Provider for Two Factor WordPress plugin before 2.5.6 does not correctly validate the second-factor authentication response, allowing an attacker who already knows a users password to bypass the two-factor authentication requirement by submitting a malformed request.

References