The plugin was vulnerable to Authentication Bypass for PDF Reports allowing unauthenticated attackers to download PDF reports.
http://www.example.com/wp-content/uploads/submission_report.pdf
basixonline.net/nex-forms-wordpress-form-builder-demo/change-log/
codecanyon.net/item/nexforms-the-ultimate-wordpress-form-builder/7103891
github.com/rauschecker/CVEs/tree/main/CVE-2021-34675