VYPR

Nexter Extension

by WordPress

Source repositories

CVEs (4)

  • CVE-2023-45751CriDec 29, 2023
    risk 0.59cvss 9.1epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3.

  • CVE-2026-0726HigJan 20, 2026
    risk 0.53cvss 8.1epss 0.00

    The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxt_unserialize_replace' function. This makes it possible for unauthenticated…

  • CVE-2025-13731MedDec 2, 2025
    risk 0.42cvss 6.4epss 0.00

    The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'nxt-year' shortcode in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2023-45750Oct 24, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in POSIMYTH Nexter Extension plugin <= 2.0.3 versions.