{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1729", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-31T18:37:54.180Z", "datePublished": "2026-02-12T01:23:42.939Z", "dateUpdated": "2026-04-08T16:45:51.879Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:51.879Z"}, "affected": [{"vendor": "scriptsbundle", "product": "AdForest", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.0.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators."}], "title": "AdForest <= 6.0.12 - Authentication Bypass", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34fd42cb-3868-4b1c-bc56-575faf01e8f3?source=cve"}, {"url": "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-306 Missing Authentication for Critical Function", "cweId": "CWE-306", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Tan Phat"}], "timeline": [{"time": "2026-01-31T18:53:41.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-02-11T12:46:01.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T15:35:57.969195Z", "id": "CVE-2026-1729", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:36:08.582Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1729", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-12T15:35:57.969195Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:36:03.924Z"}}], "cna": {"title": "AdForest <= 6.0.12 - Authentication Bypass", "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Tan Phat"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "scriptsbundle", "product": "AdForest", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "6.0.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-31T18:53:41.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-02-11T12:46:01.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34fd42cb-3868-4b1c-bc56-575faf01e8f3?source=cve"}, {"url": "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695"}], "descriptions": [{"lang": "en", "value": "The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:51.879Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1729", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:45:51.879Z", "dateReserved": "2026-01-31T18:37:54.180Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-12T01:23:42.939Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators."}, {"lang": "es", "value": "El tema AdForest para WordPress es vulnerable a omisi\u00f3n de autenticaci\u00f3n en todas las versiones hasta la 6.0.12, inclusive. Esto se debe a que el plugin no verifica correctamente la identidad de un usuario antes de autenticarlos a trav\u00e9s de la funci\u00f3n 'sb_login_user_with_otp_fun'. Esto hace posible que atacantes no autenticados inicien sesi\u00f3n como usuarios arbitrarios, incluyendo administradores."}], "id": "CVE-2026-1729", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-12T02:15:48.993", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34fd42cb-3868-4b1c-bc56-575faf01e8f3?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.0.12]"}}], "product": "adforest", "vendor": "scriptsbundle"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T00:48:58.159592+00:00", "value": {"mitigation_remediation": ["Upgrade the AdForest WordPress theme to a version newer than 6.0.12 to remove the flawed authentication logic.", "If an immediate upgrade is not possible, block or restrict unauthenticated access to the sb_login_user_with_otp_fun endpoint using your web server or a WordPress security plugin to prevent the bypass from being triggered.", "Implement two\u2011factor authentication for all administrator accounts to reduce the impact of a potential bypass before the patch is applied."], "summary": {"action": "Immediate Patch", "impact": "Authentication Bypass"}, "threat_synthesis": {"affected_systems": "This issue affects all installations of the scriptsbundle AdForest WordPress theme numbered 6.0.12 or earlier. The flaw is present regardless of the underlying WordPress version, so any site using the affected theme needs to be considered at risk until the theme is replaced with a corrected release.", "description_and_impact": "A flaw in the AdForest WordPress theme allows unauthenticated users to invoke the sb_login_user_with_otp_fun function without identity verification. As a result, an attacker can authenticate as any user, including administrators, thereby gaining the privileges of the target account. The vulnerability is a classic authentication bypass, classified as CWE-306, and directly compromises the integrity of user access controls.", "risk_and_exploitability": "The CVSS score of 9.8 marks this flaw as critical, meaning that a successful bypass can lead to full system compromise. The EPSS score of less than 1% suggests that exploitation is currently uncommon, and the vulnerability is not listed in CISA\u2019s KEV catalog. While the description does not specify the exact method an attacker would use, it is reasonable to infer that the vulnerability can be exercised remotely by crafting a request to the sb_login_user_with_otp_fun endpoint, which is part of the web login process and does not require any client-side software or privileged access."}}}}, "created": "2026-02-12T09:02:07.578109+00:00", "updated": "2026-04-16T01:00:19.952708+00:00", "vendors": ["scriptsbundle", "scriptsbundle$PRODUCT$adforest", "wordpress", "wordpress$PRODUCT$wordpress"]}