CVE-2024-10098 Information

Description

The ApplyOnline WordPress plugin before 2.6.3 does not protect uploaded files during the application process allowing unauthenticated users to access them and any private information they contain

Reference

https://wpscan.com/vulnerability/242dac1f-9a1f-4fde-b8c7-374bd451071d/