WordPress plugin JetBlog 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-49932

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through = 2.4.4.1...

CVE-2025-49932

CVE-2025-49932 : A Stored Cross-Site Scripting (XSS) vulnerability affects CrocoBlock JetBlog (jet-blog) versions up to and including 2.4.4.1. The root cause is improper neutralization of input during web page generation, allowing injected scripts to be stored and later viewed by other users. Imp...

CVE-2025-26744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

PT-2025-16322 · Jetblog · Jetblog

Name of the Vulnerable Software and Affected Versions: JetBlog versions n/a through 2.4.3 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For JetBlog versions n/a through 2.4.3,...