Buildapp: >> Build App Online >> 1.0.15 Security Vulnerabilities
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hakeemnala Build App Online build-app-online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through <= 1.0.23.
CVSS Score
9.8
EPSS Score
0.046
Published
2025-01-07
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-12-02
The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code.
CVSS Score
8.1
EPSS Score
0.018
Published
2024-06-11
Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-05-17
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-04-25