CVE-2025-49933 WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows Reflected XSS.This issue affects JetBlog: from n/a through = 2.4.4...

PT-2025-43197

Name of the Vulnerable Software and Affected Versions CrocoBlock JetBlog versions through 2.4.4 Description The software contains a flaw due to improper neutralization of input during web page generation, specifically a Reflected Cross-site Scripting XSS issue. This allows for the injection of...

WordPress plugin JetBlog 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-43196

Name of the Vulnerable Software and Affected Versions CrocoBlock JetBlog versions through 2.4.4.1 Description A flaw exists in CrocoBlock JetBlog that allows for Stored Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page generation. An attacker could...

WordPress plugin JetBlog 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

EUVD-2025-10937

Malicious code in bioql PyPI...

EUVD-2025-10955

Malicious code in bioql PyPI...

WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetBlog versions = 2.4.4.1...

WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetBlog versions = 2.4.4...

CVE-2025-26744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958

CVE-2025-26958 affects the WordPress Crocoblock JetBlog (JetBlog for Elementor) up to version 2.4.3. The issue is a Missing Authorization vulnerability that permits accessing functionality not properly constrained by ACLs. Reported across multiple sources (including Patchstack and CVE registries)...

CVE-2025-26958 WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958 WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26744

CVE-2025-26744 is an authenticated stored XSS vulnerability in JetBlog for Elementor. Affected software is JetBlog up to version 2.4.3 (noted as up to 2.4.3 in sources). Wordfence documentation indicates the issue was addressed with JetBlog 2.4.3 (patched). The connected documents also reference ...

CVE-2025-26744 WordPress JetBlog plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26744 WordPress JetBlog plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetBlog versions = 2.4.3...