Lucene search
K

71 matches found

NVD
NVD
added 2025/08/20 8:15 a.m.7 views

CVE-2025-49399

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through = 9.1.3...

8.8CVSS0.00159EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.19 views

CVE-2025-49399

CVE-2025-49399 is a CSRF vulnerability in the WordPress plugin “NEX-Forms – Ultimate Forms Plugin” (NEX-Forms Express WP Form Builder) affecting versions up to 9.1.3. The provided data indicate an attacker could induce CSRF, with CVSS v3.1 metrics showing a base score of 8.8 (High) and network at...

8.8CVSS5.9AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.4 views

CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms allows Cross Site Request Forgery. This issue affects NEX-Forms: from n/a through 9.1.3...

8.8CVSS7.2AI score0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.11 views

PT-2025-33940 · Basix · Basix Nex-Forms

Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms versions through 9.1.3 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Basix NEX-Forms, allowing attackers to perform actions on behalf of an authenticated user without their knowledge. This vulnerabilit...

8.8CVSS6.4AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.14 views

CVE-2024-25593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.5...

6.5CVSS8.6AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:24 a.m.9 views

CVE-2023-52120

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

8.8CVSS8.5AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.10 views

CVE-2023-50838

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.5...

7.6CVSS7.8AI score0.00574EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:51 p.m.12 views

CVE-2021-34675

Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports...

7.5CVSS7AI score0.01822EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:51 p.m.7 views

CVE-2021-34676

Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation...

7.5CVSS7.3AI score0.01822EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:35 a.m.10 views

CVE-2024-47389

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 8.7.3...

7.1CVSS5.9AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2024/12/06 2:15 p.m.5 views

CVE-2024-53808

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8...

7.2CVSS7.3AI score0.0059EPSS
Exploits0References1
NVD
NVD
added 2024/12/06 2:15 p.m.24 views

CVE-2024-53808

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through = 8.7.8...

8.5CVSS0.0059EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:6 p.m.21 views

CVE-2024-53808 WordPress NEX-Forms plugin <= 8.7.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through = 8.7.8...

8.5CVSS0.0059EPSS
Exploits0References1
CVE
CVE
added 2024/12/06 1:6 p.m.60 views

CVE-2024-53808

CVE-2024-53808 : SQL Injection in WordPress plugin “NEX-Forms – Ultimate Form Builder” (Basix NEX-Forms) ≤ 8.7.8. Root cause: improper neutralization of input in SQL commands. Affected products/versions: NEX-Forms – Ultimate Form Builder up to 8.7.8. Exploitation status in provided docs: not indi...

8.5CVSS7.3AI score0.0059EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.7 views

PT-2024-35922 · Unknown · Basix Nex-Forms

Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms – Ultimate Form Builder versions prior to 8.7.9 Description: The issue is related to the improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for malicious SQL commands...

8.5CVSS7.6AI score0.0059EPSS
Exploits0References6
NVD
NVD
added 2024/10/05 3:15 p.m.19 views

CVE-2024-47389

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 8.7.3...

7.1CVSS0.00302EPSS
Exploits0References1
OSV
OSV
added 2024/10/05 3:15 p.m.4 views

CVE-2024-47389

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Reflected XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.3...

6.1CVSS5.8AI score0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/05 2:47 p.m.16 views

CVE-2024-47389 WordPress NEX-Forms plugin <= 8.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Reflected XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.3...

7.1CVSS7AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2024/10/05 2:47 p.m.50 views

CVE-2024-47389

CVE-2024-47389 affects WordPress NEX-Forms – Ultimate Form Builder (plugin

7.1CVSS5.9AI score0.00302EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/05 2:47 p.m.24 views

CVE-2024-47389 WordPress NEX-Forms plugin <= 8.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 8.7.3...

7.1CVSS0.00302EPSS
Exploits0References1
Rows per page
Query Builder