Posimyth Nexter Blocks vulnerabilities
8 known vulnerabilities affecting posimyth/nexter_blocks.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH2MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2024-30435P2HIGHCVSS 7.1Exploited≤ 3.2.52024-03-29
CVE-2024-30435 [HIGH] CWE-79 CVE-2024-30435: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This issue affects Nexter Blocks: from n/a through <= 3.2.5.
nvd
CVE-2024-33572P3HIGHCVSS 8.8fixed in 3.2.6≤ 3.2.52024-06-09
CVE-2024-33572 [HIGH] CWE-862 CVE-2024-33572: Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This
Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This issue affects Nexter Blocks: from n/a through <= 3.2.5.
nvd
CVE-2024-56294P4MEDIUMCVSS 6.4≤ 4.0.72025-01-07
CVE-2024-56294 [MEDIUM] CWE-862 CVE-2024-56294: Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allow
Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through <= 4.0.7.
nvd
CVE-2024-50452P4MEDIUMCVSS 6.5≤ 3.3.32026-02-20
CVE-2024-50452 [MEDIUM] CWE-79 CVE-2024-50452: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through <= 3.3.3.
nvd
CVE-2026-39516P4MEDIUMCVSS 5.3≤ 4.7.02026-04-08
CVE-2026-39516 [MEDIUM] CWE-497 CVE-2026-39516: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.7.0.
nvd
CVE-2025-54739P4MEDIUMCVSS 5.3≤ 4.5.42025-08-14
CVE-2025-54739 [MEDIUM] CWE-862 CVE-2025-54739: Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allow
Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through <= 4.5.4.
nvd
CVE-2024-56246P4MEDIUMCVSS 6.5≤ 4.0.42025-01-02
CVE-2024-56246 [MEDIUM] CWE-79 CVE-2024-56246: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through <= 4.0.4.
nvd
CVE-2026-24377P4MEDIUMCVSS 4.3≤ 4.6.32026-01-22
CVE-2026-24377 [MEDIUM] CWE-497 CVE-2026-24377: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.6.3.
nvd