Filtered by vendor Basixonline
Subscriptions
Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24705 | 1 Basixonline | 1 Nex-forms | 2024-11-21 | 4.8 Medium |
| The NEX-Forms WordPress plugin before 8.4.3 does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes. This could allow attackers to make a logged in admin edit arbitrary forms with Cross-Site Scripting payloads in them | ||||