Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24705 | 1 Basixonline | 1 Nex-forms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The NEX-Forms WordPress plugin before 8.4.3 does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes. This could allow attackers to make a logged in admin edit arbitrary forms with Cross-Site Scripting payloads in them | |||||