WordPress Plugin Vulnerabilities

NEX-Forms < 8.4 - Admin+ SQL Injection

Description

The plugin does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query.

Proof of Concept

Affects Plugins

Plugin icon
nex-forms-express-wp-form-builder
Fixed in 8.4

References

CVE
CVE-2023-2114
URL
https://github.com/SchmidAlex/nex-forms_SQL-Injection

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
4.1 (medium)

Miscellaneous

Original Researcher
Alexander Schmid
Submitter
Alexander Schmid
Verified
Yes
WPVDB ID
3d8ab3a5-1bf8-4216-91fa-e89541e5c43d

Timeline

Publicly Published
2023-04-17 (about 2 years ago)
Added
2023-04-17 (about 2 years ago)
Last Updated
2023-04-17 (about 2 years ago)

Other

Published
Title
Published
2025-01-27
Title
Eventer < 3.9.9 - Unauthenticated SQL Injection via eventer_get_attendees
Published
2025-01-07
Title
MindValley Super PageMash <= 1.1 - Authenticated (Editor+) SQL Injection
Published
2022-11-14
Title
Chaty < 3.0.3 - Admin+ SQLi
Published
2025-06-05
Title
WC Vendors Marketplace < 2.5.7 - Authenticated (Administrator+) SQL Injection
Published
2021-11-24
Title
Hide My WP < 6.2.4 - Unauthenticated SQL Injection