If a user reinstalls their 2 factor authentication app all data in the app is lost. It seems the user can no longer login to the xenforo website, unless the user has generated backup codes. Many will not have this, so it seems they are locked out.
How can such a catch 22 situation be resolved?
You're effectively asking how 2FA can be bypassed -- if they don't have the second factor, they're basically an attacker in the eyes of the system (the type of attack 2FA is specifically trying to stop: password compromise).
In terms of an app, this is one of the reasons we give a recommendation of Authy, as you can recover codes or move devices much more easily (compared to Google Authenticator).