96 matches found
CVE-2023-45751
Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...
Code injection
Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...
CVE-2023-45751 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...
CVE-2023-45751
CVE-2023-45751 (Nexter Extension, POSIMYTH) : WordPress Nexter Extension versions up to 2.0.3 are vulnerable to remote code execution via a code-injection flaw in the Nexter metabox (authenticated, Editor+ required). Patch status: fixed in 2.0.4. The exploit path relies on issuing code through th...
CVE-2023-45657
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...
CVE-2023-45657
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...
CVE-2023-45657
CVE-2023-45657 affects the Nexter WordPress theme up to version 2.0.3. Root cause is improper neutralization of special elements in SQL commands, enabling SQL Injection. Impact includes potential unauthorized data access; patch 2.0.4 fixes the issue. Authenticated/subscriber access is sufficient ...
CVE-2023-45750
Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...
CVE-2023-45750
Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...
CVE-2023-45750 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...
CVE-2023-45750
CVE-2023-45750 concerns the Nexter Extension plugin for WordPress (POSIMYTH Nexter Extension) with an unauthenticated reflected XSS vulnerability in versions
CVE-2023-45750 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...
PT-2023-29666 · Unknown · Posimyth Nexter Extension
Name of the Vulnerable Software and Affected Versions: POSIMYTH Nexter Extension plugin versions = 2.0.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website, potentially leading to...
WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE)
Software Nexter Extension Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-45751 Patch priority Medium CVSS severity Medium 9.1 Developer POSIMYTH Innovations PSID 69a3443fb3d9 Credits Rafie Muhammad Patchstack...