CVE-2026-1948 | webaways NEX-Forms Plugin up to 9.1.9 on WordPress deactivate_license authorization

Inserito da Angelo Barbosa | Mar 14, 2026 | CVE

A vulnerability has been found in webaways NEX-Forms Plugin up to 9.1.9 on WordPress and classified as critical. This affects the function deactivate_license. This manipulation causes missing authorization.

This vulnerability is tracked as CVE-2026-1948. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-1948 | webaways NEX-Forms Plugin up to 9.1.9 on WordPress deactivate_license authorization

Post correlati

CVE-2025-20928 | Samsung Notes up to 4.4.21.62 wbmp Image Parser out-of-bounds

CVE-2024-12614 | Passwords Manager Plugin up to 1.4.8 on WordPress Encryption Key authorization

CVE-2025-23601 | Tab My Content Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2023-43318 | TP-Link TL-SG2210P 5.0 Build 20211201 Web Console tid/usrlvl access control