CVE-2026-6394

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...

PT-2026-42060

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the import demo function accepting a user-supplied URL in the demo json file POST parameter and...

EUVD-2025-31687

Malicious code in bioql PyPI...

WordPress Nexa Blocks plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Google Maps Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Google Maps Widget vulnerability discovered by zer0gh0st in WordPress Plugin Nexa Blocks versions = 1.1.0...

WordPress plugin Nexa Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...