ApplyOnline
by ApplyOnline
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46080 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.5.3. | ||
| CVE-2024-2036 | Med | 0.21 | 4.3 | 0.00 | May 22, 2024 | The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aol_modal_box AJAX action in all versions up to, and including, 2.6.2. This makes it possible for authenticated… | ||
| CVE-2024-10098 | Low | 0.18 | 2.7 | 0.00 | May 15, 2025 | The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain |
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.5.3.
- risk 0.21cvss 4.3epss 0.00
The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aol_modal_box AJAX action in all versions up to, and including, 2.6.2. This makes it possible for authenticated…
- risk 0.18cvss 2.7epss 0.00
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain