Vulnerabilities > Basixonline > NEX Forms > 8.4.3

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-52120 Cross-Site Request Forgery (CSRF) vulnerability in Basixonline Nex-Forms
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2.
network
low complexity
basixonline CWE-352
8.8
8.8
2023-12-28 CVE-2023-50838 SQL Injection vulnerability in Basixonline Nex-Forms
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.5.
network
low complexity
basixonline CWE-89
7.2
7.2
2023-07-17 CVE-2023-0439 Unspecified vulnerability in Basixonline Nex-Forms
The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting issues.
network
low complexity
basixonline
5.4
5.4