CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53751 – WordPress Build App Online plugin <= 1.0.22 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-53751
28 Nov 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Abdul Hakeem Build App Online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through 1.0.22. La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Abdul Hakeem Build App Online permite Cross-Site Request Forgery. Este problema afecta a Build App Online: desde n/a hasta 1.0.22. The Build App Online plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.22. This is due to mis... • https://patchstack.com/database/wordpress/plugin/build-app-online/vulnerability/wordpress-build-app-online-plugin-1-0-22-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51478 – WordPress Build App Online plugin <= 1.0.19 - Unauthenticated Account Takeover vulnerability
https://notcve.org/view.php?id=CVE-2023-51478
27 Dec 2023 — Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. Una vulnerabilidad de autenticación incorrecta en Abdul Hakeem Build App Online permite la escalada de privilegios. Este problema afecta a Build App Online: desde n/a hasta 1.0.19. The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.21. This is due to missing authentication checking ... • https://patchstack.com/database/vulnerability/build-app-online/wordpress-build-app-online-plugin-1-0-19-unauthenticated-account-takeover-vulnerability?_s_id=cve • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51479 – WordPress Build App Online plugin <= 1.0.19 - Authenticated Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-51479
27 Dec 2023 — Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. Una vulnerabilidad de gestión de privilegios incorrecta en Abdul Hakeem Build App Online permite una escalada de privilegios. Este problema afecta a Build App Online: desde n/a hasta 1.0.19. The Build App Online plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_user_meta' a... • https://patchstack.com/database/vulnerability/build-app-online/wordpress-build-app-online-plugin-1-0-19-authenticated-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management CWE-862: Missing Authorization •