Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2025-22721

Disclosure Date: January 21, 2025 (last updated January 22, 2025)
Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.6.7.1.
0
0
Attacker Value
Unknown

CVE-2023-46080

Disclosure Date: January 02, 2025 (last updated January 03, 2025)
Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.5.3.
0
0
Attacker Value
Unknown

CVE-2024-2036

Disclosure Date: May 22, 2024 (last updated January 05, 2025)
The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aol_modal_box AJAX action in all versions up to, and including, 2.6. This makes it possible for authenticated attackers, with subscriber access or higher, to view Application submissions.
0
0
Attacker Value
Unknown

CVE-2023-45756

Disclosure Date: October 25, 2023 (last updated October 28, 2023)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline – Application Form Builder and Manager plugin <= 2.5.2 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-24391

Disclosure Date: August 10, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline plugin <= 2.5 versions.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0