Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

hakeemnala

Source -

CNA

BOS Name -

N/A

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
3Vulnerabilities found
CVE-2025-53249
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 2.49%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 18:22
Updated-15 Aug, 2025 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Build App Online Plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site Request Forgery. This issue affects Build App Online: from n/a through 1.0.23.

Action-Not Available
Vendor-hakeemnala
Product-Build App Online
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2025-32577
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.81%
||
7 Day CHG~0.00%
Published-11 Apr, 2025 | 08:42
Updated-11 Apr, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Build App Online Plugin <= 1.0.23 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hakeemnala Build App Online allows PHP Local File Inclusion. This issue affects Build App Online: from n/a through 1.0.23.

Action-Not Available
Vendor-hakeemnala
Product-Build App Online
CWE ID-CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
CVE-2023-7264
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.1||HIGH
EPSS-1.77% / 81.92%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 03:16
Updated-05 Feb, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Build App Online <= 1.0.21 - Account Takeover via Weak Password Reset Mechanism

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code.

Action-Not Available
Vendor-buildapphakeemnalarahamsolutions
Product-build_app_onlineBuild App Onlinebuild_app_online
CWE ID-CWE-640
Weak Password Recovery Mechanism for Forgotten Password