CVE-2026-12988 | WP 2FA Plugin 2.2.1/2.3.0/3.0.0 on WordPress 2FA Setup email address authorization

SecurityVulns

A vulnerability labeled as problematic has been found in WP 2FA Plugin 2.2.1/2.3.0/3.0.0 on WordPress. Impacted is an unknown function of the component 2FA Setup. Executing a manipulation of the argument email address can lead to missing authorization.

This vulnerability is tracked as CVE-2026-12988. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More