CVE-2023-2114

Description

The NEX-Forms WordPress plugin before 8.4 does not properly escape the table parameter, which is populated with user input, before concatenating it to an SQL query.

NVD
Severity: HIGH
CVE ID: CVE-2023-2114
CVSS Score: 7.2
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

SchmidAlex

Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress

Refrence: GitHub

Content on GitHub

hshivhare67 | watchers:0

Framework_base_AOSP10_r33_CVE-2023-21144

Refrence: GitHub

nidhi7598 | watchers:0

frameworks_base_AOSP_10_r33_CVE-2023-21145

Refrence: GitHub

hshivhare67 | watchers:0

Framework_base_AOSP10_r33_CVE-2023-21144_old

Refrence: GitHub

Description​

Proof Of Concept​

Content on GitHub​

Description

Proof Of Concept

Content on GitHub