Lucene search
K

356 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-14001

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-12351

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00503EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-56794

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00221EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-42425

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00311EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/01 12:3 a.m.7 views

WordPress NEX-Forms LITE plugin < 8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin NEX-Forms LITE versions 8.2...

7.1CVSS6.1AI score0.00223EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.6 views

CVE-2025-49399

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through = 9.1.3...

8.8CVSS5.9AI score0.00159EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/20 9:5 a.m.9 views

WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin NEX-Forms versions = 9.1.3...

8.8CVSS6.6AI score0.00159EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/20 8:15 a.m.7 views

CVE-2025-49399

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through = 9.1.3...

8.8CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.19 views

CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through = 9.1.3...

8.8CVSS0.00159EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.19 views

CVE-2025-49399

CVE-2025-49399 is a CSRF vulnerability in the WordPress plugin “NEX-Forms – Ultimate Forms Plugin” (NEX-Forms Express WP Form Builder) affecting versions up to 9.1.3. The provided data indicate an attacker could induce CSRF, with CVSS v3.1 metrics showing a base score of 8.8 (High) and network at...

8.8CVSS5.9AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.4 views

CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms allows Cross Site Request Forgery. This issue affects NEX-Forms: from n/a through 9.1.3...

8.8CVSS7.2AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.5 views

WordPress plugin NEX-Forms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS6.5AI score0.00159EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.11 views

PT-2025-33940 · Basix · Basix Nex-Forms

Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms versions through 9.1.3 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Basix NEX-Forms, allowing attackers to perform actions on behalf of an authenticated user without their knowledge. This vulnerabilit...

8.8CVSS6.4AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.14 views

CVE-2024-25593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.5...

6.5CVSS8.6AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:23 a.m.6 views

CVE-2024-1130

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the setread function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with...

5.3CVSS5.1AI score0.00598EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:23 a.m.17 views

CVE-2024-1129

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the setstarred function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with...

5.3CVSS6.5AI score0.00598EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.10 views

CVE-2024-10862

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to SQL Injection via the 'searchparams' parameter in all versions up to, and including, 8.7.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

4.9CVSS7.2AI score0.00578EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.11 views

CVE-2024-37512

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.10...

6.5CVSS6.8AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:24 a.m.8 views

CVE-2024-0907

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the restorerecords function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with...

5.3CVSS6.5AI score0.00598EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.11 views

CVE-2023-0439

The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting issues. By default only SuperAdmins in multisite / admins in single site can create forms, however there is a settings allowing them to give lower roles access to such featur...

5.4CVSS5.3AI score0.00367EPSS
Exploits1References1
Rows per page
Query Builder