Nextendweb — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Nextendweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Nextendweb develops WordPress and Joomla extensions for building websites and online stores. Historically, their products have frequently contained vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely reported, the 10 CVEs on record indicate consistent security challenges, particularly in their form builder and social login components. Their extensions' broad functionality and integration with multiple platforms create complex attack surfaces that require careful configuration and regular updates to mitigate risks.

Top products by Nextendweb: Smart Slider 3 Nextend Social Login and Register Nextend Social Login Pro Nextend Facebook Connect Smart Slider 3 Pro for WordPress

CVEs 10

CVE ID	Title	CVSS	Severity	Published
CVE-2025-58031	WordPress Nextend Facebook Connect Plugin <= 3.1.19 - Cross Site Scripting (XSS) Vulnerability — Nextend Facebook ConnectCWE-79	6.5	Medium	2025-09-22

This page lists every published CVE security advisory associated with Nextendweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Nextendweb — Vulnerabilities & Security Advisories 10