CVE-2026-42774

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crocoblock JetEngine allows SQL Injection. This issue affects JetEngine: from n/a through 3.8.8.1...

CVE-2025-67923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...

CVE-2025-69333 WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.8.1.1...

EUVD-2025-35520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

PT-2025-16514 · Jetengine · Jetengine

Name of the Vulnerable Software and Affected Versions: JetEngine versions 3.6.4.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker could potentially inject...