CVE Catalog

CVE-2026-57721

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

The ApplyOnline WordPress plugin contains a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels. This issue affects versions from n/a through 2.6.7.6.

Risk Assessment

An attacker can gain unauthorized access to administrative functions or data, leading to a breach of confidentiality and integrity of the system.

Recommendation

Immediately update the ApplyOnline plugin to the latest available version that fixes this vulnerability.

Original NVD description (English source)

Missing Authorization vulnerability in WP Reloaded ApplyOnline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ApplyOnline: from n/a through 2.6.7.6.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS