188 matches found
CVE-2026-28134 WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-28134
CVE-2026-28134 is a confirmed RCE in Crocoblock JetEngine plugin for WordPress, affecting JetEngine versions up to and including 3.7.2. The issue is described as an improper control of code generation that enables Remote Code Inclusion/Execution. Multiple sources (NVD, Red Hat, CVE listings) corr...
CVE-2026-28134 WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-28134
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
PT-2026-23404
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
WordPress plugin JetEngine 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by stealthcopter in WordPress Plugin JetEngine versions = 3.7.2...
CVE-2025-68495
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.8.0...
CVE-2025-68495
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.8.0...
CVE-2025-68495 WordPress JetEngine plugin <= 3.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.8.0...
CVE-2025-68495
CVE-2025-68495 is a Reflected XSS in Crocoblock JetEngine (JetEngine) before version 3.8.0. Root cause: improper input neutralization during web page generation. Impact per sources includes HIGH severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L; base score 7.1). Remediation: upgrade JetEngi...
CVE-2025-68495 WordPress JetEngine plugin <= 3.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.8.0...
PT-2026-21086
Name of the Vulnerable Software and Affected Versions Crocoblock JetEngine versions through 3.8.0 Description A flaw exists in Crocoblock JetEngine that allows for Reflected Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerabili...
WordPress plugin JetEngine 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...
WordPress JetEngine plugin <= 3.8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin JetEngine versions = 3.8.0...
CVE-2025-67923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...
CVE-2025-67923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...
CVE-2025-67923 WordPress JetEngine plugin <= 3.7.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...
CVE-2025-67923
CVE-2025-67923 is a reflected XSS in Crocoblock JetEngine (WordPress plugin) up to version 3.7.7. The root cause is improper input neutralization during web page generation. Impact per sources includes potential script execution in victims’ browsers with network access required and user interacti...
CVE-2025-67923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...