Unrated severityNVD Advisory· Published May 15, 2025· Updated May 20, 2025
ApplyOnline – Application Form Builder and Manager < 2.6.3 - Unauthenticated Application File Access
CVE-2024-10098
Description
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain
Affected products
1- Range: <2.6.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/242dac1f-9a1f-4fde-b8c7-374bd451071d/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.