2 matches found
CVE-2024-2036
The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aolmodalbox AJAX action in all versions up to, and including, 2.6.2. This makes it possible for authenticated attackers, with subscribe...
PT-2024-18653 · WordPress · Applyonline
Name of the Vulnerable Software and Affected Versions: ApplyOnline – Application Form Builder and Manager plugin for WordPress versions up to, and including, 2.6 Description: The issue allows authenticated attackers with subscriber access or higher to view Application submissions due to a missing...