Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Nexter Blocks allows hackers to run malicious code on websites
CVE-2024-50452
Summary
An attacker can inject malicious code into websites that use Nexter Blocks, allowing them to steal user data or take control of the site. This affects all versions of Nexter Blocks up to 3.3.3, which means if you're using this plugin, you should update to the latest version as soon as possible to fix the issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Ne...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Stored XSS.This issue affects Nexter Blocks: from n/a through <= 3.3.3.
nvd CVSS3.1
6.5
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026