Lucene search
K

12 matches found

CVE
CVE
added 2026/02/20 3:46 p.m.11 views

CVE-2024-50452

CVE-2024-50452 affects the WordPress Nexter Blocks: the-plus-addons-for-block-editor, with a stored XSS flaw caused by improper input neutralization during web page generation. Exploitation could occur via vulnerable blocks in Nexter Blocks versions up to and including 3.3.3, enabling stored scri...

6.5CVSS5.5AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.18 views

CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.6.3...

4.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.16 views

CVE-2026-24377

CVE-2026-24377 : WordPress Nexter Blocks plugin ≤ 4.6.3 exposes embedded sensitive data to an unauthorized control sphere, enabling sensitive information exposure. CVSS 3.1 base score 4.3 (Medium) per the initial document; multiple sources corroborate a sensitive data exposure issue affecting Nex...

4.3CVSS5.4AI score0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/21 7:13 a.m.7 views

WordPress Nexter Extension - Site Enhancements Toolkit plugin <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace' vulnerability

WordPress Nexter Extension - Site Enhancements Toolkit plugin = 4.4.6 - Unauthenticated PHP Object Injection via 'nxtunserializereplace' vulnerability discovered by Webbernaut in WordPress Plugin Nexter Extension versions = 4.4.6...

8.1CVSS5.5AI score0.00479EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/02 8:25 p.m.12 views

WordPress Nexter Extension plugin <= 4.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Nexter Extension versions = 4.4.1...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/14 6:21 p.m.15 views

CVE-2025-54739 WordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through = 4.5.4...

5.3CVSS0.00222EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.4 views

WordPress plugin Nexter Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS7.6AI score0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/24 10:5 a.m.2 views

WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Nexter Blocks versions = 3.3.3...

6.1AI score0.00215EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.6 views

WordPress Nexter Blocks Plugin <= 3.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Nexter Blocks Type Plugin Vulnerable versions = 3.3.3 Fixed in 4.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50452 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID 5124e10b8774 Credits João Pedro S Alcântara Kinorth...

9.4AI score0.00215EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/06/19 12:0 a.m.5 views

WordPress plugin Nexter security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.6CVSS6.8AI score0.0035EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/24 11:28 a.m.19 views

CVE-2023-45750 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in POSIMYTH Nexter Extension plugin = 2.0.3 versions...

7.1CVSS6.3AI score0.00437EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.12 views

WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection

Software Nexter Type Theme Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-45657 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID f7e305847a86 Credits Rafie Muhammad Patchstack Required privilege Subscriber...

9.8CVSS6.8AI score0.01284EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder