CVE-2025-49930

The CVE-2025-49930 entry concerns the WordPress JetSearch plugin (versions through 3.5.10). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation in the jet-search component. Impact per the provided data is reflected XSS ...

CVE-2025-49930 WordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

EUVD-2024-48111

Malicious code in bioql PyPI...

WordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetSearch versions = 3.5.10...

CVE-2025-53996 WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch allows Stored XSS. This issue affects JetSearch: from n/a through 3.5.10.1...

CVE-2024-7136

The JetSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and abov...

CVE-2025-31043 WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.7...

WordPress plugin JetSearch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

CVE-2024-7136

CVE-2024-7136 affects the JetSearch WordPress plugin (all versions

PT-2024-38102 · WordPress · Jetsearch

Name of the Vulnerable Software and Affected Versions: JetSearch plugin for WordPress versions up to, and including, 3.5.2 Description: The issue is related to Stored Cross-Site Scripting via the id parameter due to insufficient input sanitization and output escaping. This allows authenticated...

WordPress JetSearch Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Software JetSearch Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7136 Patch priority Low CVSS severity Low 6.5 Developer Crocoblock PSID 9a2d0419a5d9 Credits stealthcopter Required privilege...