Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

POSIMYTH — Vulnerabilities & Security Advisories 24

Browse all 24 CVE security advisories affecting POSIMYTH. AI-powered Chinese analysis, POCs, and references for each vulnerability.

POSIMYTH is a software development firm specializing in enterprise resource planning and customer relationship management solutions, primarily targeting the manufacturing and distribution sectors. Security audits have identified twenty-four distinct Common Vulnerabilities and Exposures associated with its platforms, indicating a history of significant technical debt. The most prevalent vulnerability classes include remote code execution, cross-site scripting, and SQL injection, which often stem from insufficient input validation and improper access controls. These flaws frequently allow unauthenticated attackers to escalate privileges or exfiltrate sensitive business data. While no single catastrophic public breach has been widely documented as a singular event, the cumulative nature of these CVEs suggests systemic weaknesses in the application’s security architecture. Organizations relying on POSIMYTH systems must prioritize rigorous patch management and continuous vulnerability scanning to mitigate the risk of exploitation inherent in these legacy codebases.

Top products by POSIMYTH: Nexter Blocks The Plus Addons for Elementor Page Builder Lite Nexter Nexter Extension UiChemy WDesignkit Sticky Header Effects for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2026-39516 WordPress Nexter Blocks plugin <= 4.7.0 - Sensitive Data Exposure vulnerability — Nexter BlocksCWE-497 5.3 Medium2026-04-08
CVE-2024-50452 WordPress Nexter Blocks plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability — Nexter BlocksCWE-79 6.5 Medium2026-02-20
CVE-2026-24377 WordPress Nexter Blocks plugin <= 4.6.3 - Sensitive Data Exposure vulnerability — Nexter BlocksCWE-497 4.3 Medium2026-01-22
CVE-2025-69362 WordPress UiChemy plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability — UiChemyCWE-79 5.9 Medium2026-01-06
CVE-2024-23511 WordPress The Plus Addons for Elementor plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2026-01-05
CVE-2025-62013 WordPress UiChemy plugin <= 4.0.0 - Broken Access Control vulnerability — UiChemyCWE-862 4.3 Medium2025-10-22
CVE-2025-58251 WordPress Sticky Header Effects for Elementor Plugin <= 2.1.2 - Broken Access Control Vulnerability — Sticky Header Effects for ElementorCWE-862 4.3 Medium2025-09-22
CVE-2025-54739 WordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control Vulnerability — Nexter BlocksCWE-862 5.3 Medium2025-08-14
CVE-2025-55712 WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control Vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-862 6.5 Medium2025-08-14
CVE-2025-49076 WordPress The Plus Addons for Elementor Page Builder Lite plugin <= 6.2.7 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2025-06-06
CVE-2024-56294 WordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerability — Nexter BlocksCWE-862 6.4 Medium2025-01-07
CVE-2024-56246 WordPress Nexter Blocks plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability — Nexter BlocksCWE-79 6.5 Medium2025-01-02
CVE-2024-53823 WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2024-12-06
CVE-2024-53811 WordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerability — WDesignkitCWE-434 6.6 Medium2024-12-06
CVE-2024-43932 WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Broken Access Control vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-862 6.5 Medium2024-11-01
CVE-2024-43977 WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2024-09-17
CVE-2023-45658 WordPress Nexter theme <= 2.0.3 - Broken Access Control vulnerability — NexterCWE-862 7.6 High2024-06-19
CVE-2024-33572 WordPress Nexter Blocks plugin <= 3.2.5 - Broken Access Control vulnerability — Nexter BlocksCWE-862 4.3 Medium2024-06-09
CVE-2024-35709 WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2024-06-08
CVE-2024-34373 WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability — The Plus Addons for Elementor Page Builder LiteCWE-79 6.5 Medium2024-05-06
CVE-2024-30435 WordPress Nexter Blocks plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — Nexter BlocksCWE-79 7.1 High2024-03-29
CVE-2023-45751 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Remote Code Execution (RCE) — Nexter ExtensionCWE-94 9.1 Critical2023-12-29
CVE-2023-45657 WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection — NexterCWE-89 8.5 High2023-11-06
CVE-2023-45750 WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) — Nexter ExtensionCWE-79 7.1 High2023-10-24

This page lists every published CVE security advisory associated with POSIMYTH. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.