Lucene search
K

360 matches found

CNNVD
CNNVD
added 2021/07/19 12:0 a.m.8 views

WordPress 授权问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authorization issue vulnerability exists in the WordPress plugin Basix NEX-Forms 7.8.7 and earlie...

7.5CVSS7.3AI score0.01822EPSS
Exploits2References3
CNNVD
CNNVD
added 2021/07/19 12:0 a.m.6 views

WordPress 授权问题漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin Basix NEX-Forms in version 7.8.7 and earlier has an authentication bypass vulnerabilit...

7.5CVSS5.7AI score0.01822EPSS
Exploits2References3
Prion
Prion
added 2019/10/07 3:15 p.m.14 views

Sql injection

The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nexformsId parameter...

7.5CVSS8.4AI score0.0237EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2019/10/07 12:0 a.m.6 views

PT-2019-7411 · Nexforms · Nex-Forms-Express-Wp-Form-Builder

Name of the Vulnerable Software and Affected Versions: nex-forms-express-wp-form-builder plugin versions prior to 4.6.1 Description: The issue is related to SQL injection via the "wp-admin/admin.php?page=nex-forms-main" API endpoint, specifically through the nex forms Id parameter. This allows fo...

9.8CVSS7.8AI score0.0237EPSS
Exploits1References7
CNVD
CNVD
added 2016/01/12 12:0 a.m.5 views

WordPress NEX-Forms Lite Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . NEX-Forms Lite is one of the user-defined plugin to create forms . A cross-site scripting vulnerability exists in...

6.1CVSS6AI score0.01155EPSS
Exploits1References1
NVD
NVD
added 2016/01/08 9:59 p.m.17 views

CVE-2014-7151

Multiple cross-site scripting XSS vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the formfields parameter in a 1 doedit or 2 doinsert action to wp-admin/admin-ajax.php...

6.1CVSS6.2AI score0.01155EPSS
Exploits1References2
Prion
Prion
added 2016/01/08 9:59 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the formfields parameter in a 1 doedit or 2 doinsert action to wp-admin/admin-ajax.php...

4.3CVSS6.2AI score0.01155EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2016/01/08 9:0 p.m.22 views

CVE-2014-7151

Multiple cross-site scripting XSS vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the formfields parameter in a 1 doedit or 2 doinsert action to wp-admin/admin-ajax.php...

6.2AI score0.01155EPSS
Exploits1References2
CVE
CVE
added 2016/01/08 9:0 p.m.42 views

CVE-2014-7151

CVE-2014-7151 affects the WordPress NEX-Forms Lite plugin (v2.1.0). It describes multiple cross-site scripting (XSS) vulnerabilities via the form_fields parameter in admin-ajax.php during do_edit/do_insert actions. Root cause: insufficient filtering of form_fields. Impact: cross-site script/HTML ...

6.1CVSS6.1AI score0.01155EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2015/07/16 12:0 a.m.23 views

NEX-Forms <= 4.0 - Unauthenticated Blind SQL Injection

The NEX-Forms – Ultimate Form Builder – Contact forms and much more WordPress plugin was affected by an Unauthenticated Blind SQL Injection security vulnerability...

7.5CVSS2.2AI score0.0237EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2015/07/16 12:0 a.m.9 views

WordPress NEX-Forms Plugin <= 4.0 - Blind SQL Injection

Because of this vulnerability, unauthenticated attackers and authenticatged users can inject arbitrary SQL commands. Solution Upgrade the plugin...

4.9AI score
Exploits0References1Affected Software1
Dsquare
Dsquare
added 2015/05/01 12:0 a.m.149 views

WordPress NEX-Forms 3.0 SQL Injection

SQL Injection vulnerability in WordPress NEX-Forms plugin nexformsId parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

0.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2015/04/21 12:0 a.m.38 views

WordPress NEX-Forms 3.0 SQL Injection

Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : https://wordpress.org/plugins/nex-forms-express-wp-form-builder/ Software Link :...

Exploits0
0day.today
0day.today
added 2015/04/21 12:0 a.m.24 views

Wordpress NEX-Forms 3.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/04/21 12:0 a.m.21 views

WordPress Plugin NEX-Forms 3.0 - SQL Injection

WordPress Plugin NEX-Forms 3.0 - SQL Injection Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...

0.4AI score
Exploits0
Patchstack
Patchstack
added 2015/04/21 12:0 a.m.12 views

WordPress NEX-Forms <= 2.9 - SQL Injection

This WordPress NEX-Forms plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

4AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2015/04/21 12:0 a.m.50 views

WordPress NEX-Forms 3.0 SQL Injection

AUTOR SCRIPT: Cleiton Pinheiro / Nick: googleINURL Exploit name: MINI 3xplo1t-SqlMap - WordPress NEX-Forms 3.0 SQL Injection Vulnerability Type: SQL Injection Email: [email protected] Blog: http://blog.inurl.com.br Twitter: https://twitter.com/googleinurl Fanpage: https://fb.com/InurlBrasil...

7.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2015/04/21 12:0 a.m.11 views

NEX-Forms - Ultimate Form builder <= 3.0 - SQL Injection

The NEX-Forms – Ultimate Form Builder – Contact forms and much more WordPress plugin was affected by an Ultimate Form builder = 3.0 - SQL Injection security vulnerability...

1.9AI score
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2015/04/21 12:0 a.m.28 views

WordPress Plugin NEX-Forms &lt; 3.0 - SQL Injection

Exploit Title : NEX-Forms 3.0 SQL Injection Vulnerability Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : https://wordpress.org/plugins/nex-forms-express-wp-form-builder/ Software Link :...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2014/09/22 12:0 a.m.20 views

WordPress NEX-Forms Lite Plugin <= 2.1.0 - Multiple XSS

Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the "formfields" parameter. Solution Update the plugin...

6.1CVSS2.9AI score0.01155EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder