cpe:/a:nex-forms_lite_project:nex-forms_lite:2.1.0::~~~wordpress~~ CVE-2014-7151 2016-01-08T16:59:01.387-05:00 2016-01-11T20:22:11.287-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2016-01-11T14:12:57.980-05:00 MISC https://research.g0blin.co.uk/cve-2014-7151/ MISC https://wpvulndb.com/vulnerabilities/8237 Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (1) do_edit or (2) do_insert action to wp-admin/admin-ajax.php.