CVE-2024-50452

CVE-2024-50452 affects the WordPress Nexter Blocks: the-plus-addons-for-block-editor, with a stored XSS flaw caused by improper input neutralization during web page generation. Exploitation could occur via vulnerable blocks in Nexter Blocks versions up to and including 3.3.3, enabling stored scri...

CVE-2026-24377

CVE-2026-24377 : WordPress Nexter Blocks plugin ≤ 4.6.3 exposes embedded sensitive data to an unauthorized control sphere, enabling sensitive information exposure. CVSS 3.1 base score 4.3 (Medium) per the initial document; multiple sources corroborate a sensitive data exposure issue affecting Nex...

CVE-2025-54739 WordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through = 4.5.4...

WordPress plugin Nexter Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Nexter Blocks versions = 3.3.3...

WordPress Nexter Blocks Plugin <= 3.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Nexter Blocks Type Plugin Vulnerable versions = 3.3.3 Fixed in 4.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50452 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID 5124e10b8774 Credits João Pedro S Alcântara Kinorth...