CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

62 matches found

EUVD•added 2026/06/17 6:35 p.m.•8 views

EUVD-2026-37619

Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...

9.3CVSS5.7AI score0.00346EPSS

Exploits1References2

NVD•added 2026/06/17 1:20 p.m.•7 views

CVE-2026-49079

Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...

9.3CVSS0.00346EPSS

Exploits1References1

CVE•added 2026/06/17 9:51 a.m.•30 views

CVE-2026-49079

The CVE concerns the WordPress JetSearch plugin, affected versions are <= 3.5.17. It describes an unauthenticated SQL injection vulnerability in JetSearch that can be exploited over the network without authentication, potentially compromising confidentiality (high) and affecting data queries. ...

9.3CVSS5.7AI score0.00346EPSS

Exploits1References1

Cvelist•added 2026/06/17 9:51 a.m.•27 views

CVE-2026-49079 WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...

9.3CVSS0.00346EPSS

Exploits1References1

Patchstack•added 2026/06/05 9:40 a.m.•8 views

WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.17...

9.3CVSS5.7AI score0.00346EPSS

Exploits1Affected Software1

RedhatCVE•added 2025/12/30 11:15 p.m.•4 views

CVE-2025-68504

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...

6.5CVSS5.9AI score0.00175EPSS

Exploits0References1

Patchstack•added 2025/12/30 5:43 a.m.•8 views

WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.16...

6.5CVSS6.1AI score0.00175EPSS

Exploits0Affected Software1

EUVD•added 2025/12/30 12:32 a.m.•4 views

EUVD-2025-205655

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch allows DOM-Based XSS.This issue affects JetSearch: from n/a through 3.5.16...

6.5CVSS5.9AI score0.00175EPSS

Exploits0References2

NVD•added 2025/12/29 10:15 p.m.•6 views

CVE-2025-68504

6.5CVSS0.00175EPSS

Exploits0References1

Vulnrichment•added 2025/12/29 9:14 p.m.•3 views

CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.2AI score0.00175EPSS

Exploits0References1

Cvelist•added 2025/12/29 9:14 p.m.•28 views

CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00175EPSS

Exploits0References1

CVE•added 2025/12/29 9:14 p.m.•18 views

CVE-2025-68504

CVE-2025-68504 is a DOM-based XSS in Crocoblock JetSearch for WordPress. Affected: JetSearch up to and including version 3.5.16; requires authenticated access (Contributor+). The issue is a stored cross-site scripting vulnerability during web page generation. Mitigation: update JetSearch to a pat...

6.5CVSS5.9AI score0.00175EPSS

Exploits0References1

Positive Technologies•added 2025/12/29 12:0 a.m.•6 views

PT-2025-53796

Name of the Vulnerable Software and Affected Versions Crocoblock JetSearch versions through 3.5.16 Description A flaw exists in Crocoblock JetSearch that allows for DOM-Based Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The...

6.5CVSS6AI score0.00175EPSS

Exploits0References3

CNNVD•added 2025/12/29 12:0 a.m.•2 views

WordPress plugin JetSearch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.5CVSS5.7AI score0.00175EPSS

Exploits0References2

RedhatCVE•added 2025/10/23 3:14 p.m.•6 views

CVE-2025-49931

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...

9.3CVSS5.9AI score0.00388EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 3:14 p.m.•3 views

CVE-2025-49930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

7.1CVSS5.9AI score0.00228EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•4 views

EUVD-2025-35528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

5.9AI score0.00228EPSS

Exploits0References2

EUVD•added 2025/10/22 3:31 p.m.•4 views

EUVD-2025-35527

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CrocoBlock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...

7.1AI score0.00388EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•3 views

CVE-2025-49930

7.1CVSS0.00228EPSS

Exploits0References1

NVD•added 2025/10/22 3:15 p.m.•4 views

CVE-2025-49931

9.3CVSS0.00388EPSS

Exploits0References1

Rows per page