4 matches found
CVE-2026-25429
CVE-2026-25429 describes a deserialization/Unauthenticated PHP Object Injection vulnerability in the Nexa Blocks plugin for WordPress (Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE) affecting versions up to and including 1.1.1. Public disclosures and third‑party referenc...
CVE-2025-30952 WordPress Nexa Blocks plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdive Nexa Blocks nexa-blocks allows Stored XSS.This issue affects Nexa Blocks: from n/a through = 1.1.0...
CVE-2025-30976 WordPress Nexa Blocks plugin <= 1.1.1 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in wpdive Nexa Blocks nexa-blocks allows Server Side Request Forgery.This issue affects Nexa Blocks: from n/a through = 1.1.1...
WordPress Nexa Blocks plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Prissy in WordPress Plugin Nexa Blocks versions = 1.1.0...