Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Build_app_online
(Buildapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-25 | CVE-2023-51478 | Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | Build_app_online | 9.8 | ||
| 2024-05-17 | CVE-2023-51479 | Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | Build_app_online | 8.8 | ||
| 2024-06-11 | CVE-2023-7264 | The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code. | Build_app_online | 9.8 | ||
| 2024-12-02 | CVE-2024-53751 | Cross-Site Request Forgery (CSRF) vulnerability in Abdul Hakeem Build App Online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through 1.0.22. | Build_app_online | 8.8 | ||
| 2025-01-07 | CVE-2024-49649 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23. | Build_app_online | 9.8 |