65 matches found
CVE-2026-61977
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through = 3.6.1.2...
CVE-2026-61977 WordPress JetSearch plugin <= 3.6.1.2 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through = 3.6.1.2...
CVE-2026-61977
The CVE-2026-61977 entry concerns the WordPress JetSearch plugin (JetSearch) vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. Affected: WordPress JetSearch plugin versions up to 3.6.1.2. Root cause details are...
EUVD-2026-37619
Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...
CVE-2026-49079
Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...
CVE-2026-49079 WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability
Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...
CVE-2026-49079
The CVE concerns the WordPress JetSearch plugin, affected versions are <= 3.5.17. It describes an unauthenticated SQL injection vulnerability in JetSearch that can be exploited over the network without authentication, potentially compromising confidentiality (high) and affecting data queries. ...
WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.17...
CVE-2025-68504
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...
WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.16...
EUVD-2025-205655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch allows DOM-Based XSS.This issue affects JetSearch: from n/a through 3.5.16...
CVE-2025-68504
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...
CVE-2025-68504
CVE-2025-68504 is a DOM-based XSS in Crocoblock JetSearch for WordPress. Affected: JetSearch up to and including version 3.5.16; requires authenticated access (Contributor+). The issue is a stored cross-site scripting vulnerability during web page generation. Mitigation: update JetSearch to a pat...
CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...
CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...
WordPress plugin JetSearch 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-53796
Name of the Vulnerable Software and Affected Versions Crocoblock JetSearch versions through 3.5.16 Description A flaw exists in Crocoblock JetSearch that allows for DOM-Based Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The...
CVE-2025-49931
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...
CVE-2025-49930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...
EUVD-2025-35527
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CrocoBlock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...