cleantalk
Vulnerabilities and Security Researches

ApplyOnline – Application Form Builder and Manager, CVE-2024-10098

CVE, Research URL

CVE-2024-10098

Home page URL

Security reports for ApplyOnline – Application Form Builder and Manager

Application

ApplyOnline – Application Form Builder and Manager

Published on
May 16, 2025
Research Description
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain
Affected versions
Min -, max 2.6.3.
Status
vulnerable
Previous vulnerability researches
Weluka Lite (CVE-2025-4591) , May 16, 2025
New vulnerability
The GDPR Framework By Data443 (CVE-2024-13621) , May 17, 2025
Mobile Contact Bar (CVE-2024-12739) , May 17, 2025
Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder (CVE-2024-10504) , May 17, 2025
Front End Users (CVE-2025-47580) , May 17, 2025
ApplyOnline – Application Form Builder and Manager (CVE-2024-10098) , May 17, 2025