Vendor CVEs
Crocoblock
All CVEs
78 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49931 | Cri | 0.60 | 9.3 | 0.00 | Oct 22, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through <= 3.5.10. | ||
| CVE-2023-39157 | Cri | 0.59 | 9.0 | 0.01 | Dec 31, 2023 | Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10. | ||
| CVE-2024-7146 | Hig | 0.57 | 8.8 | 0.01 | Aug 16, 2024 | The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and… | ||
| CVE-2023-48757 | Hig | 0.57 | 8.8 | 0.01 | May 17, 2024 | Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4. | ||
| CVE-2024-37497 | Hig | 0.50 | 7.7 | 0.01 | Jul 9, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetThemeCore jet-theme-core.This issue affects JetThemeCore: from n/a through < 2.2.1. | ||
| CVE-2026-3496 | Hig | 0.49 | 7.5 | 0.00 | Mar 11, 2026 | The JetBooking plugin for WordPress is vulnerable to SQL Injection via the 'check_in_date' parameter in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.… | ||
| CVE-2025-49921 | Hig | 0.49 | 7.5 | 0.00 | Oct 22, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 3.0.0. | ||
| CVE-2025-39449 | Hig | 0.49 | 7.5 | 0.00 | May 19, 2025 | Missing Authorization vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetWooBuilder: from n/a through <= 2.1.18. | ||
| CVE-2025-39447 | Hig | 0.49 | 7.5 | 0.00 | May 19, 2025 | Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1. | ||
| CVE-2025-39396 | Hig | 0.49 | 7.5 | 0.01 | May 19, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 2.3.6. | ||
| CVE-2025-26953 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2025 | Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9. | ||
| CVE-2025-26958 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2025 | Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3. | ||
| CVE-2025-26944 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2025 | Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11. | ||
| CVE-2025-26942 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2025 | Missing Authorization vulnerability in Crocoblock JetTricks jet-tricks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetTricks: from n/a through <= 1.5.1. | ||
| CVE-2025-22279 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through <= 1.5.9. | ||
| CVE-2025-31016 | Hig | 0.49 | 7.5 | 0.01 | Mar 31, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows PHP Local File Inclusion.This issue affects JetWooBuilder: from n/a through <= 2.1.18. | ||
| CVE-2025-49930 | Hig | 0.46 | 7.1 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through <= 3.5.10. | ||
| CVE-2023-48758 | Hig | 0.46 | 7.1 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.2.4. | ||
| CVE-2026-24958 | Med | 0.42 | 6.5 | 0.00 | Feb 3, 2026 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.2. | ||
| CVE-2025-68499 | Med | 0.42 | 6.5 | 0.00 | Dec 30, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through <= 2.2.12. | ||
| CVE-2025-68498 | Med | 0.42 | 6.5 | 0.00 | Dec 30, 2025 | Missing Authorization vulnerability in Crocoblock JetTabs jet-tabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through <= 2.2.12. | ||
| CVE-2025-68504 | Med | 0.42 | 6.5 | 0.00 | Dec 29, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through <= 3.5.16. | ||
| CVE-2025-68503 | Med | 0.42 | 6.5 | 0.00 | Dec 29, 2025 | Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through <= 2.4.7. | ||
| CVE-2025-64355 | Med | 0.42 | 6.5 | 0.00 | Dec 18, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12. | ||
| CVE-2025-8195 | Med | 0.42 | 6.4 | 0.00 | Dec 13, 2025 | The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Comparison and Subscribe widgets in all versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied… | ||
| CVE-2025-49939 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.8. | ||
| CVE-2025-49934 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.18. | ||
| CVE-2025-49933 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Reflected XSS.This issue affects JetBlog: from n/a through <= 2.4.4. | ||
| CVE-2025-49932 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through <= 2.4.4.1. | ||
| CVE-2025-49928 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through <= 2.1.20. | ||
| CVE-2025-49927 | Med | 0.42 | 6.5 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Stored XSS.This issue affects JetWooBuilder: from n/a through <= 2.1.20.1. | ||
| CVE-2025-54008 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through <= 3.6.7. | ||
| CVE-2025-53998 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through <= 2.1.20. | ||
| CVE-2025-53993 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through <= 2.0.15. | ||
| CVE-2025-53992 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTricks jet-tricks allows Retrieve Embedded Sensitive Data.This issue affects JetTricks: from n/a through <= 1.5.4.1. | ||
| CVE-2025-53988 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.18. | ||
| CVE-2025-53987 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetMenu jet-menu allows Retrieve Embedded Sensitive Data.This issue affects JetMenu: from n/a through <= 2.4.11.1. | ||
| CVE-2025-53985 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTabs jet-tabs allows Retrieve Embedded Sensitive Data.This issue affects JetTabs: from n/a through <= 2.2.9. | ||
| CVE-2025-53983 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elementor jet-elements allows Retrieve Embedded Sensitive Data.This issue affects JetElements For Elementor: from n/a through <= 2.7.7. | ||
| CVE-2025-53195 | Med | 0.42 | 6.5 | 0.00 | Aug 20, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.0. | ||
| CVE-2025-55714 | Med | 0.42 | 6.5 | 0.00 | Aug 14, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.9. | ||
| CVE-2025-54749 | Med | 0.42 | 6.5 | 0.00 | Aug 14, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows Stored XSS.This issue affects JetProductGallery: from n/a through <= 2.2.0.2. | ||
| CVE-2025-54688 | Med | 0.42 | 6.5 | 0.00 | Aug 14, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.1.2. | ||
| CVE-2025-54687 | Med | 0.42 | 6.5 | 0.00 | Aug 14, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through <= 2.2.9.1. | ||
| CVE-2025-54009 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Stored XSS.This issue affects JetSmartFilters: from n/a through <= 3.6.8. | ||
| CVE-2025-53996 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Stored XSS.This issue affects JetSearch: from n/a through <= 3.5.10.1. | ||
| CVE-2025-53995 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows Stored XSS.This issue affects JetPopup: from n/a through <= 2.0.15.1. | ||
| CVE-2025-53994 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through <= 2.0.15. | ||
| CVE-2025-53991 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTricks jet-tricks allows Stored XSS.This issue affects JetTricks: from n/a through <= 1.5.4.1. | ||
| CVE-2025-53989 | Med | 0.42 | 6.5 | 0.00 | Jul 16, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.19. |
- risk 0.60cvss 9.3epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through <= 3.5.10.
- risk 0.59cvss 9.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10.
- risk 0.57cvss 8.8epss 0.01
The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and…
- risk 0.57cvss 8.8epss 0.01
Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4.
- risk 0.50cvss 7.7epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetThemeCore jet-theme-core.This issue affects JetThemeCore: from n/a through < 2.2.1.
- risk 0.49cvss 7.5epss 0.00
The JetBooking plugin for WordPress is vulnerable to SQL Injection via the 'check_in_date' parameter in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…
- risk 0.49cvss 7.5epss 0.00
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 3.0.0.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetWooBuilder: from n/a through <= 2.1.18.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1.
- risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 2.3.6.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetMenu jet-menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetMenu: from n/a through <= 2.4.9.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetTricks jet-tricks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetTricks: from n/a through <= 1.5.1.
- risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through <= 1.5.9.
- risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows PHP Local File Inclusion.This issue affects JetWooBuilder: from n/a through <= 2.1.18.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through <= 3.5.10.
- risk 0.46cvss 7.1epss 0.00
Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.2.4.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.2.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through <= 2.2.12.
- risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetTabs jet-tabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through <= 2.2.12.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through <= 3.5.16.
- risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through <= 2.4.7.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.
- risk 0.42cvss 6.4epss 0.00
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Comparison and Subscribe widgets in all versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied…
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.8.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.18.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Reflected XSS.This issue affects JetBlog: from n/a through <= 2.4.4.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through <= 2.4.4.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through <= 2.1.20.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Stored XSS.This issue affects JetWooBuilder: from n/a through <= 2.1.20.1.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through <= 3.6.7.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Retrieve Embedded Sensitive Data.This issue affects JetWooBuilder: from n/a through <= 2.1.20.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through <= 2.0.15.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTricks jet-tricks allows Retrieve Embedded Sensitive Data.This issue affects JetTricks: from n/a through <= 1.5.4.1.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Retrieve Embedded Sensitive Data.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.18.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetMenu jet-menu allows Retrieve Embedded Sensitive Data.This issue affects JetMenu: from n/a through <= 2.4.11.1.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetTabs jet-tabs allows Retrieve Embedded Sensitive Data.This issue affects JetTabs: from n/a through <= 2.2.9.
- risk 0.42cvss 6.5epss 0.00
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elementor jet-elements allows Retrieve Embedded Sensitive Data.This issue affects JetElements For Elementor: from n/a through <= 2.7.7.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.0.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.9.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows Stored XSS.This issue affects JetProductGallery: from n/a through <= 2.2.0.2.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.1.2.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through <= 2.2.9.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Stored XSS.This issue affects JetSmartFilters: from n/a through <= 3.6.8.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Stored XSS.This issue affects JetSearch: from n/a through <= 3.5.10.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows Stored XSS.This issue affects JetPopup: from n/a through <= 2.0.15.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through <= 2.0.15.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTricks jet-tricks allows Stored XSS.This issue affects JetTricks: from n/a through <= 1.5.4.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through <= 1.3.19.
Page 1 of 2