cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-7264,https://securityvulnerability.io/vulnerability/CVE-2023-7264,Unauthenticated Attackers Can Reset User Passwords via Weak Password Reset Mechanism in Build App Online Plugin,"The Build App Online plugin for WordPress presents a significant security risk due to a flaw in its password reset mechanism. All versions up to and including 1.0.21 are affected, allowing unauthenticated attackers to reset passwords for arbitrary user accounts by exploiting a weak numerical reset code comprised of just four digits. This vulnerability highlights the need for stronger authentication protocols and underscores the importance of securing user accounts against unauthorized access.",Wordpress,Build App Online,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-06-11T03:16:59.623Z,0
CVE-2022-3241,https://securityvulnerability.io/vulnerability/CVE-2022-3241,Build App Online < 1.0.19 - Unauthenticated SQL Injection,The Build App Online WordPress plugin has a security flaw that allows unauthenticated users to execute SQL injection attacks through improperly sanitized AJAX requests. This vulnerability exposes sensitive data by enabling attackers to manipulate SQL queries to disclose or alter the database information.,Wordpress,Build App Online,9.8,CRITICAL,0.00267999991774559,false,,false,false,false,,false,false,2023-01-02T21:49:12.027Z,0