CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31139

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.7.0...

5.9AI score0.00039EPSS

Exploits0References3

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2024-50452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through = 3.3.3...

6.5CVSS0.00137EPSS

Exploits0References1

Cvelist•added 2026/02/20 3:46 p.m.•21 views

CVE-2024-50452 WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00137EPSS

Exploits0References1

Positive Technologies•added 2026/02/20 12:0 a.m.•2 views

PT-2026-21027

Name of the Vulnerable Software and Affected Versions POSIMYTH Nexter Blocks the-plus-addons-for-block-editor versions through 3.3.3 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means...

5.3AI score0.00137EPSS

Exploits0References3

Vulnrichment•added 2026/01/22 4:52 p.m.•3 views

CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability

4.3CVSS5.9AI score0.0005EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-53091

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00107EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-53044

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00242EPSS

Exploits0References1

RedhatCVE•added 2025/08/21 8:29 a.m.•7 views

CVE-2025-8567

The Nexter Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 4.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS6AI score0.00057EPSS

Exploits0References1

NVD•added 2025/08/19 9:15 a.m.•5 views

CVE-2025-8567

6.4CVSS0.00057EPSS

Exploits0References3

Positive Technologies•added 2025/08/19 12:0 a.m.•4 views

PT-2025-33717 · WordPress · Nexter Blocks

Name of the Vulnerable Software and Affected Versions: Nexter Blocks versions prior to 4.5.5 Description: The Nexter Blocks plugin for WordPress is susceptible to Stored Cross-Site Scripting XSS via multiple widgets. Insufficient input sanitization and output escaping on user-supplied attributes...

6.4CVSS5.9AI score0.00057EPSS

Exploits0References8

Patchstack•added 2025/08/18 9:45 p.m.•10 views

WordPress Nexter Blocks plugin <= 4.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Nexter Blocks versions = 4.5.4...

6.4CVSS5.5AI score0.00057EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/08/14 6:21 p.m.•2 views

CVE-2025-54739 WordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4...

5.3CVSS7.1AI score0.0023EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:12 a.m.•2 views

CVE-2024-56246

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through = 4.0.4...

6.5CVSS7.2AI score0.00242EPSS

Exploits0References1

Cvelist•added 2025/01/07 10:49 a.m.•14 views

CVE-2024-56294 WordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through = 4.0.7...

6.4CVSS0.00107EPSS

Exploits0References1

CVE•added 2025/01/07 10:49 a.m.•39 views

CVE-2024-56294

CVE-2024-56294 applies to POSIMYTH Nexter Blocks up to version 4.0.7. Affected component: Nexter Blocks; Root cause: Missing Authorization due to incorrectly configured access control security levels. Impact, as per CVSS: network attack vector, low privileges required, no user interaction, with l...

6.4CVSS7.2AI score0.00107EPSS

Exploits0References1

Vulnrichment•added 2025/01/07 10:49 a.m.•8 views

CVE-2024-56294 WordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through 4.0.7...

6.4CVSS6.9AI score0.00107EPSS

Exploits0References1

Vulnrichment•added 2025/01/02 12:1 p.m.•13 views

CVE-2024-56246 WordPress Nexter Blocks plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH Nexter Blocks allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through 4.0.4...

6.5CVSS7AI score0.00242EPSS

Exploits0References1

Patchstack•added 2024/04/25 12:0 a.m.•10 views

WordPress Nexter Blocks Plugin <= 3.2.5 is vulnerable to Broken Access Control

Software Nexter Blocks Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33572 Patch priority Low CVSS severity Low 4.3 Developer POSIMYTH Innovations PSID 306122f51743 Credits LVT-tholv2k Required...

8.8CVSS6.6AI score0.00212EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/03/28 12:0 a.m.•13 views

WordPress Nexter Blocks Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Nexter Blocks Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30435 Patch priority Medium CVSS severity Medium 7.1 Developer POSIMYTH Innovations PSID 6b7745362c68 Credits LVT-tholv2k Required privileg...

7.1CVSS6.5AI score0.00117EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by