Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8117 matches found

NVD
NVDadded 2026/02/20 4:22 p.m.2 views

CVE-2025-69326

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

7.1CVSS0.00045EPSS
Exploits0References1
NVD
NVDadded 2026/02/20 4:22 p.m.2 views

CVE-2025-68863

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zack Katz iContact for Gravity Forms gravity-forms-icontact allows Reflected XSS.This issue affects iContact for Gravity Forms: from n/a through = 1.3.2...

7.1CVSS0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:47 p.m.4 views

CVE-2026-22350 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...

6.5CVSS5.3AI score0.00042EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:47 p.m.8 views

CVE-2026-22350

CVE-2026-22350: Broken/Missing Authorization in WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder (versions up to 6.3.1). Exploitation involves bypassing access control to obtain PDF-related actions. Public details from multiple sources confirm the affected plugin/version ...

6.5CVSS5.5AI score0.00042EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/20 3:47 p.m.27 views

CVE-2026-22350 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...

6.5CVSS0.00042EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/20 3:47 p.m.4 views

CVE-2026-22350

Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through...

5.4AI score0.00042EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.3 views

CVE-2025-69326 WordPress NEX-Forms plugin <= 9.1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

7.1CVSS5.3AI score0.00045EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/20 3:46 p.m.19 views

CVE-2025-69324 WordPress NEX-Forms plugin <= 9.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

7.1CVSS0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.2 views

CVE-2025-69324 WordPress NEX-Forms plugin <= 9.1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

5.3AI score0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.7 views

CVE-2025-69326

CVE-2025-69326 is a Reflected XSS in the Basix NEX-Forms nex-forms-express-wp-form-builder plugin for WordPress, with input not properly neutralized during web page generation. Affected: NEX-Forms versions up to and including 9.1.7. Impact per the CVSS vector shows Network attack, User Interactio...

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.9 views

CVE-2025-69324

CVE-2025-69324 describes a stored XSS vulnerability in Basix NEX-Forms (WordPress plugin: nex-forms-express-wp-form-builder) affecting versions up to and including 9.1.7. Root cause: improper input neutralization during web page generation leading to stored Cross-Site Scripting. Impact per source...

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/20 3:46 p.m.20 views

CVE-2025-69326 WordPress NEX-Forms plugin <= 9.1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Reflected XSS.This issue affects NEX-Forms: from n/a through = 9.1.7...

7.1CVSS0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.2 views

CVE-2025-68863 WordPress iContact for Gravity Forms plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zack Katz iContact for Gravity Forms gravity-forms-icontact allows Reflected XSS.This issue affects iContact for Gravity Forms: from n/a through = 1.3.2...

5.3AI score0.00045EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/20 3:46 p.m.23 views

CVE-2025-68863 WordPress iContact for Gravity Forms plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zack Katz iContact for Gravity Forms gravity-forms-icontact allows Reflected XSS.This issue affects iContact for Gravity Forms: from n/a through = 1.3.2...

7.1CVSS0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.9 views

CVE-2025-68863

CVE-2025-68863 corresponds to a Reflected XSS in the WordPress plugin “iContact for Gravity Forms” (gravity-forms-icontact) up to version 1.3.2. The vulnerability arises from improper input neutralization during web page generation, enabling an attacker to inject scripts when a victim views a cra...

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/20 1:27 p.m.2 views

CVE-2026-25420

Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...

4.3CVSS5.5AI score0.00053EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/20 1:26 p.m.4 views

CVE-2026-22422

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in wpeverest Everest Forms everest-forms allows Code Injection.This issue affects Everest Forms: from n/a through = 3.4.1...

5.3CVSS5.5AI score0.00061EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/20 12:0 a.m.4 views

PT-2026-21142

Name of the Vulnerable Software and Affected Versions Basix NEX-Forms versions through 9.1.7 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting XSS condition. This allows an attacke...

5.4AI score0.00045EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/02/20 12:0 a.m.4 views

WordPress plugin iContact for Gravity Forms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.1CVSS5.6AI score0.00045EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/20 12:0 a.m.5 views

WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.5CVSS5.8AI score0.00042EPSS
Exploits0References1
Rows per page
Query Builder