Lucene search
K

63 matches found

RedhatCVE
RedhatCVE
added 2025/04/02 6:34 a.m.13 views

CVE-2025-30987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.16...

6.5CVSS7.2AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 6:15 a.m.16 views

CVE-2025-30987

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.16...

6.5CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 6:7 a.m.6 views

CVE-2025-30987 WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.16...

6.5CVSS7.3AI score0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 6:7 a.m.22 views

CVE-2025-30987 WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.16...

6.5CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 6:7 a.m.62 views

CVE-2025-30987

CVE-2025-30987 affects JetBlocks for Elementor (WordPress). Root cause: Improper Neutralization of Input During Web Page Generation, enabling Stored XSS. Impact per public record: Stored Cross-Site Scripting with potential to affect visitors; exploitation requires network access and user interact...

6.5CVSS7.2AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.3 views

WordPress plugin JetBlocks For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.9AI score0.00181EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/29 11:47 p.m.3 views

WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetBlocks For Elementor versions = 1.3.16...

6.5CVSS6.1AI score0.00181EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/08/16 11:15 a.m.18 views

CVE-2024-7147

The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00293EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/16 10:59 a.m.7 views

CVE-2024-7147 JetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6AI score0.00293EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/16 10:59 a.m.21 views

CVE-2024-7147 JetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The JetBlocks for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to, and including, 1.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00293EPSS
Exploits0References2
CVE
CVE
added 2024/08/16 10:59 a.m.49 views

CVE-2024-7147

JetBlocks for Elementor (WordPress) is affected by CVE-2024-7147: Stored Cross-Site Scripting via multiple placeholder parameters in all versions up to 1.3.12 due to insufficient input sanitization and output escaping. Attack requires authenticated access at Contributor level or higher, and can e...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/16 1:38 a.m.3 views

WordPress JetBlocks plugin <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin JetBlocks For Elementor versions = 1.3.12...

6.4CVSS5.7AI score0.00293EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.3 views

WordPress plugin JetBlocks for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS6AI score0.00293EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.8 views

WordPress JetBlocks For Elementor Plugin <= 1.3.12 is vulnerable to Cross Site Scripting (XSS)

Software JetBlocks For Elementor Type Plugin Vulnerable versions = 1.3.12 Fixed in 1.3.12.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7147 Patch priority Low CVSS severity Low 6.5 Developer Crocoblock PSID 63831bec7c72 Credits stealthcopter...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/12/14 5:15 p.m.2 views

CVE-2023-48756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elementor: from n/a through 1.3.8...

6.1CVSS7.3AI score0.00412EPSS
Exploits0References1
NVD
NVD
added 2023/12/14 5:15 p.m.8 views

CVE-2023-48756

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elementor: from n/a through 1.3.8...

7.1CVSS0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/14 4:40 p.m.29 views

CVE-2023-48756 WordPress JetBlocks For Elementor Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.This issue affects JetBlocks For Elementor: from n/a through 1.3.8...

7.1CVSS7.2AI score0.00412EPSS
Exploits0References1
CVE
CVE
added 2023/12/14 4:40 p.m.93 views

CVE-2023-48756

CVE-2023-48756 is a reflected XSS vulnerability in the WordPress plugin suite JetBlocks for Elementor (Crocoblock). Affected versions are

7.1CVSS7.1AI score0.00412EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.3 views

WordPress and WordPress plugin cross-site scripting vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00412EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/12/02 12:0 a.m.30 views

JetBlocks For Elementor < 1.3.8.1 - Reflected Cross Site Scripting

Description The JetBlocks for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

7.1CVSS6.2AI score0.00412EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder