SchmidAlex

1 exploit Active since May 2023
CVE-2023-2114 NOMISEC HIGH WRITEUP
NEX-Forms < 8.4 - SQL Injection via Table Parameter
The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query.
2 stars
CVSS 7.2