How severe is CVE-2025-14803?

CVE-2025-14803 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2025-14803

6.8MEDIUM

The NEX-Forms WordPress plugin before 9.1.8 does not sanitise and escape some of its settings. The NEX-Forms WordPress plugin before 9.1.8 can be configured in such a way that could allow subscriber

게시됨: 1/9/2026업데이트됨: 1/13/2026

설명

The NEX-Forms WordPress plugin before 9.1.8 does not sanitise and escape some of its settings. The NEX-Forms WordPress plugin before 9.1.8 can be configured in such a way that could allow subscribers to perform Stored Cross-Site Scripting.

AI 분석AI 기반

참조

https://wpscan.com/vulnerability/219af0e7-3d8b-4405-8005-b8969a370b0b/