Description The Nexter Extension plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.3 via the nxt-code-php-snippet metabox. This allows authenticated attackers with editor-level privileges and above to execute code on the server.