Spiderteams: >> Applyonline - Application Form Builder And Manager Security Vulnerabilities
The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process, allowing unauthenticated users to access them and any private information they contain
CVSS Score
2.7
EPSS Score
0.0
Published
2025-05-15
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline – Application Form Builder and Manager plugin <= 2.5.2 versions.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-10-25
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline plugin <= 2.5 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-10