6 matches found
CVE-2023-45658 WordPress Nexter theme <= 2.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in POSIMYTH Nexter. This issue affects Nexter: from n/a through 2.0.3...
Nexter < 2.0.4 - Authenticated (Subscriber+) SQL Injection via 'to' and 'from'
Description: The Nexter theme for WordPress is vulnerable to SQL Injection via the 'to' and 'from' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the user-supplied parameter and lack of valid preparation on the existing SQL query. This makes it possible for...
CVE-2023-45657 WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection. This issue affects Nexter: from n/a through 2.0.3...
CVE-2023-45657 WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection. This issue affects Nexter: from n/a through 2.0.3...
WordPress Nexter Theme <= 2.0.3 is vulnerable to Broken Access Control
Software: Nexter | Type: Theme | Vulnerable versions: <= 2.0.3 | Fixed in: 2.0.4 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2023-45658 | Patch priority: High | CVSS severity: High 7.6 | PSID: 6bbe3c1cdbc1 | Credits: Rafie Muhammad Patchstack | Required...
WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection
Software: Nexter | Type: Theme | Vulnerable versions: <= 2.0.3 | Fixed in: 2.0.4 | OWASP Top 10: A1: Injection | Classification: SQL Injection | CVE: CVE-2023-45657 | Patch priority: High | CVSS severity: High 8.5 | PSID: f7e305847a86 | Credits: Rafie Muhammad Patchstack | Required privilege: Subscriber...