cleantalk
Vulnerabilities and Security Researches

ApplyOnline – Application Form Builder and Manager, CVE-2024-10098

CVE, Research URL

CVE-2024-10098

Home page URL

Security reports for ApplyOnline – Application Form Builder and Manager

Application

ApplyOnline – Application Form Builder and Manager

Published on
May 16, 2025
Research Description
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain
Affected versions
Min -, max 2.6.3.
Status
vulnerable
Previous vulnerability researches
Emails Blacklist for Everest Forms (4e0b8221f9787e16f8849dff3026eadc73126b28) , Jun 07, 2024
New vulnerability
Countdown Timer for WordPress Block Editor (CVE-2024-10631) , May 17, 2025
WP DeskLite – Helpdesk and Support Plugin (CVE-2024-12724) , May 17, 2025
JSFiddle Shortcode (CVE-2024-10818) , May 17, 2025
Panorama – WordPress Project Management Plugin (CVE-2024-11843) , May 17, 2025
The GDPR Framework By Data443 (CVE-2024-13621) , May 17, 2025