A vulnerability has been found in NEX-Forms Plugin up to 9.2.2 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Dashboard. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-10525. The attack is possible to be carried out remotely. No exploit exists.