CVE-2025-3468 | NEX-Forms Plugin up to 8.9.1 on WordPress clean_html/form_fields cross site scripting

Inserito da Angelo Barbosa | Mag 8, 2025 | CVE

A vulnerability has been found in NEX-Forms Plugin up to 8.9.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument clean_html/form_fields leads to cross site scripting.

This vulnerability is known as CVE-2025-3468. The attack can be launched remotely. There is no exploit available.

CVE-2025-3468 | NEX-Forms Plugin up to 8.9.1 on WordPress clean_html/form_fields cross site scripting

Post correlati

CVE-2025-1692 | MongoDB mongosh up to 2.3.8 Control Character escape, meta, or control sequences

CVE-2024-23953 | Apache Hive 2.2.x/3.x LlapSignerImpl Arrays.equals integrity check

CVE-2024-10435 | didi Super-Jacoco 1.0 /cov/triggerEnvCov uuid command injection

CVE-2024-49337 | IBM OpenPages with Watson 8.3/9.0 Email Notification text cross site scripting