NEX-Forms < 7.9.7 - Authenticated SQLi
CVE-2022-3142
8.8 HIGH
Key Information:
- Vendor: WordPress
- CVE Published: 19 September 2022
Summary
The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injection. The attack can be carried out by any user who is permitted to view the forms statistics chart. By default only administrators have that permission, but this can be configured otherwise via the plugin settings.
Affected Version(s)
NEX-Forms – Ultimate Form Builder – Contact forms and much more 7.9.7
CVSS V3.1
- Score: 8.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Elias Hohl