WordPress Plugin Vulnerabilities

NEX-Forms < 8.4.3 - Stored Cross-Site Scripting via CSRF

Description

The plugin does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes. This could allow attackers to make a logged in admin edit arbitrary forms with Cross-Site Scripting payloads in them

Proof of Concept

Affects Plugins

Plugin icon
nex-forms-express-wp-form-builder
Fixed in 8.4.3

References

CVE
CVE-2021-24705

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Shivam Rai
Submitter
Shivam Rai
Submitter twitter
shivam24rai
Verified
Yes
WPVDB ID
eca883d8-9499-4dbd-8fe1-4447fc2ca28a

Timeline

Publicly Published
2021-11-15 (about 4 years ago)
Added
2021-11-15 (about 4 years ago)
Last Updated
2023-05-18 (about 2 years ago)

Other

Published
Title
Published
2023-08-17
Title
Mortgage Calculator Estatik <= 2.0.12 - Reflected XSS
Published
2025-02-23
Title
GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS
Published
2025-11-17
Title
Photonic Gallery & Lightbox for Flickr, SmugMug & Others < 3.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute
Published
2022-01-26
Title
Add Subtitle <= 1.1.0 - Contributor+ Stored Cross-Site Scripting
Published
2019-02-05
Title
Quiz And Survey Master < 6.2.2 - Authenticated Cross-Site Scripting (XSS)