Known Vulnerabilities for products from Basixonline
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Basixonline".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-53808 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms nex-for... | Not Provided | 2024-12-06 | 2026-04-23 |
| CVE-2024-47389 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms nex-for... | Not Provided | 2024-10-05 | 2026-04-23 |
| CVE-2024-25593 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms – Ult... | Not Provided | 2024-03-15 | 2026-04-28 |
| CVE-2024-10862 json | The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to SQL Injection v... | Not Provided | 2024-12-25 | 2026-04-08 |
| CVE-2024-1130 json | The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized ac... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2024-1129 json | The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized ac... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2024-0907 json | The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized ac... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2023-52120 json | Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.... | Not Provided | 2024-01-05 | 2026-04-28 |
| CVE-2023-50838 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ult... | Not Provided | 2023-12-28 | 2026-04-28 |
| CVE-2023-2114 json | The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input,... | 7.2 - HIGH | 2023-05-08 | 2023-11-07 |
| CVE-2023-0439 json | The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting is... | 5.4 - MEDIUM | 2023-07-17 | 2023-11-07 |
| CVE-2023-0272 json | The NEX-Forms WordPress plugin before 8.3.3 does not validate and escape some of its shortcode attributes before outputting t... | 5.4 - MEDIUM | 2023-03-27 | 2023-11-07 |
| CVE-2022-3142 json | The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statement... | 8.8 - HIGH | 2022-09-19 | 2023-11-07 |
| CVE-2021-34676 json | Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation. | 7.5 - HIGH | 2021-07-19 | 2021-07-29 |
| CVE-2021-34675 json | Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports. | 7.5 - HIGH | 2021-07-19 | 2021-07-29 |
| CVE-2021-24705 json | The NEX-Forms WordPress plugin through 7.9.4 does not escape some of its settings and form fields before outputting them in a... | 4.8 - MEDIUM | 2021-12-13 | 2023-11-07 |
| CVE-2020-36670 json | The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and ... | Not Provided | 2023-03-07 | 2026-04-08 |