CVE-2026-12404 | webaways NEX-Forms Plugin up to 9.2.2 on WordPress authorization

Inserito da Angelo Barbosa | Giu 27, 2026 | CVE

A vulnerability described as problematic has been identified in webaways NEX-Forms Plugin up to 9.2.2 on WordPress. Impacted is an unknown function. Such manipulation leads to missing authorization.

This vulnerability is documented as CVE-2026-12404. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-12404 | webaways NEX-Forms Plugin up to 9.2.2 on WordPress authorization

Post correlati

CVE-2025-69020 | Tribulant Newsletters Plugin up to 4.12 on WordPress cross site scripting

CVE-2023-7038 | automad up to 1.10.9 User Creation dashboard cross-site request forgery

CVE-2026-8485 | Progress MOVEit Automation up to 2025.0.10/2025.1.6 memory allocation

CVE-2021-47554 | Linux Kernel up to 5.15.5 vdpa_sim vdpasim_create null pointer dereference (e4d58ac67e63/bb93ce4b150d)