Lucene search
K

93 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:47 a.m.6 views

CVE-2023-48763

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4...

5.3CVSS8.5AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.8 views

CVE-2023-33212

Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...

8.8CVSS7.1AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:5 a.m.5 views

CVE-2023-37866

Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8...

7.2CVSS6.9AI score0.00611EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 11:58 a.m.8 views

CVE-2024-7291

The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as...

7.2CVSS6.8AI score0.00525EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/05 2:28 a.m.4 views

WordPress JetFormBuilder plugin <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation vulnerability

Authenticated Administrator+ Privilege Escalation vulnerability discovered by István Márton in WordPress Plugin JetFormBuilder versions = 3.3.4.1...

7.2CVSS7AI score0.00525EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/05 12:0 a.m.11 views

WordPress JetFormBuilder Plugin <= 3.3.4.1 is vulnerable to Privilege Escalation

Software JetFormBuilder Type Plugin Vulnerable versions = 3.3.4.1 Fixed in 3.3.4.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-7291 Patch priority Low CVSS severity Low 7.2 Developer Crocoblock PSID 30c9168f58bb Credits István Márto...

7.2CVSS6.6AI score0.00525EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/08/03 7:16 a.m.28 views

CVE-2024-7291

The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as...

7.2CVSS0.00525EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/03 6:41 a.m.17 views

CVE-2024-7291 JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation

The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as...

7.2CVSS6.9AI score0.00525EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/03 6:41 a.m.32 views

CVE-2024-7291 JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation

The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as...

7.2CVSS0.00525EPSS
Exploits0References3
CVE
CVE
added 2024/08/03 6:41 a.m.47 views

CVE-2024-7291

The CVE-2024-7291 entry concerns JetFormBuilder for WordPress. It describes an authenticated privilege-escalation flaw in versions up to and including 3.3.4.1 caused by improper restriction on user meta fields, enabling an administrator+ on multi-site installations to register as a super-admin. C...

7.2CVSS7AI score0.00525EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/03 12:0 a.m.4 views

PT-2024-38240 · WordPress · Jetformbuilder

Name of the Vulnerable Software and Affected Versions: JetFormBuilder plugin for WordPress versions up to, and including, 3.3.4.1 Description: The issue is related to improper restriction on user meta fields, allowing authenticated attackers with administrator-level and above permissions to...

7.2CVSS7.3AI score0.00525EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/03 12:0 a.m.4 views

WordPress plugin JetFormBuilder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

7.2CVSS6.8AI score0.00525EPSS
Exploits0References4
NVD
NVD
added 2024/05/17 7:15 a.m.19 views

CVE-2023-37866

Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8...

7.2CVSS7AI score0.00611EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 6:48 a.m.11 views

CVE-2023-37866 WordPress JetFormBuilder plugin <= 3.0.8 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8...

7.2CVSS7AI score0.00611EPSS
Exploits0References1
CVE
CVE
added 2024/05/17 6:48 a.m.49 views

CVE-2023-37866

CVE-2023-37866 affects JetFormBuilder (WordPress plugin by Crocoblock) up to version 3.0.8. Primary issue is Improper Privilege Management that enables Authenticated Privilege Escalation (Author level privileges required) with in-network access and no user interaction. The vulnerability correspon...

7.2CVSS6.8AI score0.00611EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 6:48 a.m.24 views

CVE-2023-37866 WordPress JetFormBuilder plugin <= 3.0.8 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8...

7.2CVSS7AI score0.00611EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.3 views

WordPress plugin JetFormBuilder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.2CVSS8.4AI score0.00611EPSS
Exploits0References2
NVD
NVD
added 2024/04/24 4:15 p.m.18 views

CVE-2023-48763

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4...

5.3CVSS5.2AI score0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/24 4:1 p.m.14 views

CVE-2023-48763 WordPress JetFormBuilder plugin <= 3.1.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4...

5.3CVSS6.1AI score0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/24 4:1 p.m.23 views

CVE-2023-48763 WordPress JetFormBuilder plugin <= 3.1.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4...

5.3CVSS5.4AI score0.00373EPSS
Exploits0References1
Rows per page
Query Builder