WordPress Plugin Vulnerabilities

Nex-Forms Express WP Form Builder < 9.1.8 - Authenticated Stored XSS

Description

The plugin does not sanitise and escape some of its settings. The plugin can be configured in such a way that could allow subscribers to perform Stored Cross-Site Scripting.

Proof of Concept

Affects Plugins

Plugin icon
nex-forms-express-wp-form-builder
Fixed in 9.1.8

References

CVE
CVE-2025-14803

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
Vuln Seeker Cyber Security Team
Submitter
Vuln Seeker Cyber Security Team
Submitter website
https://vulnseeker.org/
Verified
Yes
WPVDB ID
219af0e7-3d8b-4405-8005-b8969a370b0b

Timeline

Publicly Published
2025-12-19 (about 22 days ago)
Added
2025-12-19 (about 21 days ago)
Last Updated
2025-12-19 (about 21 days ago)

Other

Published
Title
Published
2024-08-27
Title
Special Feed Items <= 1.0.1 - Stored XSS via CSRF
Published
2024-10-21
Title
Robo Gallery < 3.2.22 - Authenticated (Author+) Stored Cross-Site Scripting
Published
2023-09-25
Title
iframe < 4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'iframe' Shortcode
Published
2017-12-10
Title
SagePay Server Gateway for WooCommerce <= 1.0.8 - Unauthenticated Cross-Site Scripting (XSS)
Published
2024-05-08
Title
Enter Addons < 2.1.6 - Contributor+ Stored XSS via Animation Title widget