Vulnerabilities > Basixonline > NEX Forms > 8.4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-05 | CVE-2023-52120 | Cross-Site Request Forgery (CSRF) vulnerability in Basixonline Nex-Forms Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2. | 8.8 |
2023-12-28 | CVE-2023-50838 | SQL Injection vulnerability in Basixonline Nex-Forms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.5. | 7.2 |
2023-07-17 | CVE-2023-0439 | Unspecified vulnerability in Basixonline Nex-Forms The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting issues. | 5.4 |