CVE-2025-67923 WordPress JetEngine plugin <= 3.7.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through = 3.7.7...

WordPress plugin JetEngine has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...

PT-2026-4020

Name of the Vulnerable Software and Affected Versions Crocoblock JetEngine versions through 3.7.7 Description A flaw exists in Crocoblock JetEngine that allows for Reflected Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerabili...

CVE-2025-69333

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.8.1.1...

CVE-2025-69333

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.8.1.1...

CVE-2025-69333 WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.8.1.1...

CVE-2025-69333

CVE-2025-69333 describes a Missing Authorization vulnerability in Crocoblock JetEngine (JetEngine) that allows exploitation of incorrectly configured Access Control security levels. Affected product: JetEngine; version range indicated as up to 3.8.1.1. The connected Red Hat advisory and the initi...

CVE-2025-69333 WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.8.1.1...

PT-2026-1648

Name of the Vulnerable Software and Affected Versions Crocoblock JetEngine versions through 3.8.1.1 Description A missing authorization issue exists in Crocoblock JetEngine, allowing exploitation of incorrectly configured access control security levels. The issue concerns insufficient authorizati...

WordPress plugin JetEngine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress JetEngine plugin <= 3.7.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin JetEngine versions = 3.7.7...

WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bonds in WordPress Plugin JetEngine versions = 3.8.1.1...

CVE-2025-49938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

EUVD-2025-35520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

CVE-2025-49938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

CVE-2025-49938 WordPress JetEngine plugin <= 3.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

CVE-2025-49938 WordPress JetEngine plugin <= 3.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

CVE-2025-49938

CVE-2025-49938 is a stored Cross-Site Scripting (XSS) vulnerability in CrocoBlock JetEngine (WordPress plugin) up to version 3.7.3. The issue stems from improper input neutralization during web page generation. Impact is consistent with stored XSS on JetEngine pages, with CVSS 3.1 base score 6.5 ...

WordPress plugin JetEngine jet-engine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-43202

Name of the Vulnerable Software and Affected Versions CrocoBlock JetEngine versions through 3.7.3 Description A Stored Cross-site Scripting XSS issue exists in CrocoBlock JetEngine. This allows for the injection of malicious scripts into web pages. The issue is due to improper neutralization of...