Vulnerability — CVE-2023-2114

CVE-2023-2114

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-2114
Description:: The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query.
Last updated date:: 05/12/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/12/2023
Reference url to background: https://github.com/SchmidAlex/nex-forms_SQL-Injection

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/12/2023
Reference url to background: https://wpscan.com/vulnerability/3d8ab3a5-1bf8-4216-91fa-e89541e5c43d