5 matches found
CVE-2023-51478
CVE-2023-51478 (Build App Online) is substantiated by connected PT-secure sources: an improper authentication flaw allows unauthenticated privilege escalation leading to potential account takeover in Build App Online versions 1.0.19 and earlier. The affected software is Build App Online; exploita...
CVE-2023-7264
The Build App Online plugin for WordPress (all versions up to 1.0.21) is vulnerable due to a weak password reset mechanism. An unauthenticated attacker can reset arbitrary user passwords by guessing a 4‑digit numeric reset code, enabling account takeover with high impact (C/H/I/A). The connected ...
CVE-2023-51479
CVE-2023-51479 is an authenticated privilege-escalation vulnerability in the WordPress plugin Build App Online . The issue affects versions
CVE-2024-53751
CVE-2024-53751 is a CSRF vulnerability in the WordPress plugin Build App Online, affecting versions up to 1.0.22. The CVE entries from multiple sources corroborate a CSRF issue in Build App Online with affected versions listed as
CVE-2024-49649
CVE-2024-49649: Build App Online is affected by an Unauthenticated Local File Inclusion via improper control of Include/Require filename in PHP. Affected version: Build App Online