Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

nextendweb — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting nextendweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by nextendweb:Smart Slider 3Nextend Social Login and RegisterNextend Social Login ProNextend Facebook ConnectSmart Slider 3 Pro for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2026-34424 Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit — Smart Slider 3 Pro for WordPressCWE-506 9.8 Critical2026-04-09
CVE-2026-4065 Smart Slider 3 <= 3.5.1.33 - Missing Authorization to Authenticated (Contributor+) Slider Data Read and Image Record Manipulation — Smart Slider 3CWE-862 5.4 Medium2026-04-07
CVE-2026-3098 Smart Slider 3 <= 3.5.1.33 - Authenticated (Subscriber+) Arbitrary File Read via actionExportAll — Smart Slider 3CWE-862 6.5 Medium2026-03-27
CVE-2025-13737 Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login — Nextend Social Login and RegisterCWE-352 4.3 Medium2025-11-28
CVE-2025-58031 WordPress Nextend Facebook Connect Plugin <= 3.1.19 - Cross Site Scripting (XSS) Vulnerability — Nextend Facebook ConnectCWE-79 6.5 Medium2025-09-22
CVE-2025-6348 Smart Slider 3 <= 3.5.1.28 - Authenticated (Administrator+) SQL Injection via `sliderid` Parameter — Smart Slider 3CWE-89 4.9 Medium2025-07-30
CVE-2025-1061 Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider — Nextend Social Login ProCWE-288 9.8 Critical2025-02-07
CVE-2024-9893 Nextend Social Login Pro <= 3.1.14 - Authentication Bypass via WordPress.com OAuth provider — Nextend Social Login ProCWE-288 9.8 Critical2024-10-16
CVE-2024-3027 Smart Slider 3 <= 3.5.1.22 - Missing Authorization to Limited File Upload — Smart Slider 3CWE-285 6.4 Medium2024-04-13
CVE-2024-1775 Nextend Social Login and Register <= 3.1.12 - Reflected Self-Based Cross-Site Scripting via error_description — Nextend Social Login and RegisterCWE-79 5.4 Medium2024-03-02

This page lists every published CVE security advisory associated with nextendweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.