CVE-2026-0726 | Nexter Extension Plugin up to 4.4.6 on WordPress nxt_unserialize_replace deserialization
A vulnerability described as critical has been identified in Nexter Extension Plugin up to 4.4.6 on WordPress. The impacted element is the function nxt_unserialize_replace. Executing a manipulation can lead to deserialization.
This vulnerability is registered as CVE-2026-0726. It is possible to launch the attack remotely. No exploit is available.