CVE-2025-49989
- EPSS 0.04%
- Published 20.06.2025 15:15:25
- Last modified 23.06.2025 20:16:40
Missing Authorization vulnerability in App Cheap App Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects App Builder: from n/a through 5.5.3.
CVE-2024-9302
- EPSS 0.56%
- Published 25.10.2024 07:15:05
- Last modified 05.11.2024 17:39:17
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verify_otp_forgot_password() and update_p...
CVE-2024-7651
- EPSS 0.26%
- Published 21.08.2024 06:15:12
- Last modified 31.08.2024 03:28:02
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user s...
CVE-2024-32565
- EPSS 0.2%
- Published 18.04.2024 10:15:10
- Last modified 21.11.2024 09:15:11
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8.
CVE-2024-31282
- EPSS 0.21%
- Published 10.04.2024 16:15:13
- Last modified 08.04.2025 15:05:10
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7.