Lucene search
K

66 matches found

CVE
CVE
added 2025/08/20 8:3 a.m.26 views

CVE-2025-53195

CVE-2025-53195: WordPress JetEngine plugin

6.5CVSS5.9AI score0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.3 views

CVE-2025-53195 WordPress JetEngine plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.0...

6.5CVSS6.9AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.27 views

CVE-2025-53194

The CVE-2025-53194 entry describes a vulnerability in Crocoblock JetEngine (WordPress plugin) up to version 3.7.0: Improper neutralization of special elements in the template engine leading to code injection/remote code execution. Affected product: JetEngine (WordPress plugin). Root cause: improp...

8.5CVSS5.9AI score0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.11 views

CVE-2025-53196 WordPress JetEngine <= 3.7.0 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through = 3.7.0...

6.5CVSS0.00459EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.19 views

CVE-2025-53196

CVE-2025-53196 describes a vulnerability in Crocoblock JetEngine (JetEngine, WordPress plugin) where the insertion of sensitive information into sent data could lead to retrieval of embedded sensitive data. Technical details across connected sources show this affects JetEngine versions up to and ...

6.5CVSS5.9AI score0.00459EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-33966 · Crocoblock · Crocoblock Jetengine

Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions through 3.7.0 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update Crocoblock JetEngine to a version later than 3.7.0...

6.5CVSS5.6AI score0.0025EPSS
Exploits0References3
NVD
NVD
added 2025/08/14 11:15 a.m.16 views

CVE-2025-54688

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.1.2...

6.5CVSS0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:23 a.m.16 views

CVE-2023-48757

Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4...

8.8CVSS6.9AI score0.00553EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:10 p.m.10 views

CVE-2021-38607

Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated users via a custom form input...

5.4CVSS5.8AI score0.00605EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.8 views

CVE-2021-41844

Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...

9.8CVSS7AI score0.01052EPSS
Exploits0
NVD
NVD
added 2025/01/02 3:15 p.m.11 views

CVE-2023-48758

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.2.4...

7.1CVSS0.00295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.5 views

PT-2025-1550 · Crocoblock · Crocoblock Jetengine

Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions 3.2.4 and earlier Description: A Missing Authorization vulnerability is present in Crocoblock JetEngine, allowing attackers to exploit incorrectly configured access control security levels. This issue enables...

7.1CVSS9.4AI score0.00295EPSS
Exploits0References6
NVD
NVD
added 2024/05/17 9:15 a.m.28 views

CVE-2023-48757

Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4...

8.8CVSS8.8AI score0.00553EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.5 views

PT-2024-13642 · Crocoblock · Crocoblock Jetengine

Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions 3.2.4 and earlier Description: The issue is related to Improper Privilege Management, which allows Privilege Escalation in Crocoblock JetEngine. Recommendations: For versions 3.2.4 and earlier, update to a versio...

8.8CVSS9.3AI score0.00553EPSS
Exploits0References6
CNVD
CNVD
added 2021/12/19 12:0 a.m.15 views

crocoblock JetEngine Cross-Site Scripting Vulnerability (CNVD-2022-05012)

crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively. crocoblock JetEngine prior to version 2.9.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and...

5.4CVSS2.4AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2021/12/15 6:15 a.m.4 views

CVE-2021-41844

Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...

9.8CVSS5.8AI score0.01052EPSS
Exploits0References1
NVD
NVD
added 2021/12/15 6:15 a.m.20 views

CVE-2021-41844

Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...

9.8CVSS0.01052EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/15 5:52 a.m.27 views

CVE-2021-41844

Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...

9.7AI score0.01052EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/15 12:0 a.m.4 views

Crocoblock JetEngine 跨站脚本漏洞

crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively. crocoblock JetEngine prior to version 2.9.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and...

5.4CVSS5.6AI score0.00455EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/12/15 12:0 a.m.4 views

PT-2021-23429 · Crocoblock · Crocoblock Jetengine

Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions prior to 2.9.1 Description: The issue arises from improper validation and sanitization of form data. Recommendations: For versions prior to 2.9.1, update to version 2.9.1 or later to resolve the issue...

9.8CVSS9.4AI score0.01052EPSS
Exploits0References3
Rows per page
Query Builder