66 matches found
CVE-2025-53195
CVE-2025-53195: WordPress JetEngine plugin
CVE-2025-53195 WordPress JetEngine plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.0...
CVE-2025-53194
The CVE-2025-53194 entry describes a vulnerability in Crocoblock JetEngine (WordPress plugin) up to version 3.7.0: Improper neutralization of special elements in the template engine leading to code injection/remote code execution. Affected product: JetEngine (WordPress plugin). Root cause: improp...
CVE-2025-53196 WordPress JetEngine <= 3.7.0 - Sensitive Data Exposure Vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetEngine jet-engine allows Retrieve Embedded Sensitive Data.This issue affects JetEngine: from n/a through = 3.7.0...
CVE-2025-53196
CVE-2025-53196 describes a vulnerability in Crocoblock JetEngine (JetEngine, WordPress plugin) where the insertion of sensitive information into sent data could lead to retrieval of embedded sensitive data. Technical details across connected sources show this affects JetEngine versions up to and ...
PT-2025-33966 · Crocoblock · Crocoblock Jetengine
Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions through 3.7.0 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update Crocoblock JetEngine to a version later than 3.7.0...
CVE-2025-54688
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.1.2...
CVE-2023-48757
Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4...
CVE-2021-38607
Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated users via a custom form input...
CVE-2021-41844
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...
CVE-2023-48758
Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.2.4...
PT-2025-1550 · Crocoblock · Crocoblock Jetengine
Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions 3.2.4 and earlier Description: A Missing Authorization vulnerability is present in Crocoblock JetEngine, allowing attackers to exploit incorrectly configured access control security levels. This issue enables...
CVE-2023-48757
Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4...
PT-2024-13642 · Crocoblock · Crocoblock Jetengine
Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions 3.2.4 and earlier Description: The issue is related to Improper Privilege Management, which allows Privilege Escalation in Crocoblock JetEngine. Recommendations: For versions 3.2.4 and earlier, update to a versio...
crocoblock JetEngine Cross-Site Scripting Vulnerability (CNVD-2022-05012)
crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively. crocoblock JetEngine prior to version 2.9.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and...
CVE-2021-41844
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...
CVE-2021-41844
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...
CVE-2021-41844
Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data...
Crocoblock JetEngine 跨站脚本漏洞
crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively. crocoblock JetEngine prior to version 2.9.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and...
PT-2021-23429 · Crocoblock · Crocoblock Jetengine
Name of the Vulnerable Software and Affected Versions: Crocoblock JetEngine versions prior to 2.9.1 Description: The issue arises from improper validation and sanitization of form data. Recommendations: For versions prior to 2.9.1, update to version 2.9.1 or later to resolve the issue...