CVE-2025-68498

CVE-2025-68498 describes a Missing Authorization vulnerability in Crocoblock JetTabs for WordPress (JetTabs

CVE-2025-68498 WordPress JetTabs plugin <= 2.2.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetTabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through 2.2.12...

CVE-2025-68499 WordPress JetTabs plugin <= 2.2.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through = 2.2.12...

EUVD-2024-48115

Malicious code in bioql PyPI...

CVE-2025-54687 WordPress JetTabs Plugin plugin <= 2.2.9.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through = 2.2.9.1...

CVE-2025-54687 WordPress JetTabs Plugin plugin <= 2.2.9.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs jet-tabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through = 2.2.9.1...

PT-2025-33239 · WordPress · Crocoblock Jettabs

Name of the Vulnerable Software and Affected Versions: Crocoblock JetTabs versions through 2.2.9.1 Description: The software contains a DOM-Based Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Update Crocoblock JetTabs to a...

WordPress JetTabs Cross-Site Scripting Vulnerability

WordPress JetTabs is a plugin for Elementor page builder, mainly used to add stylish tabs and tabs functionality to WordPress websites, supports building rich content and customizing styles through Elementor widgets. WordPress JetTabs suffers from a cross-site scripting vulnerability that stems...

CVE-2025-53984

CVE-2025-53984 concerns Crocoblock JetTabs (WordPress plugin) with a stored XSS due to improper input neutralization in JetTabs up to version 2.2.9. The vulnerability is documented across multiple sources (NVD, CVE lists, Patchstack, PT-2025-29733) and is noted as patched in JetTabs 2.2.9+ (the p...

WordPress plugin JetTabs 跨站脚本漏洞

WordPress JetTabs is a plugin for Elementor page builder, mainly used to add stylish tabs and tabs functionality to WordPress websites, supports building rich content and customizing styles through Elementor widgets. WordPress JetTabs suffers from a cross-site scripting vulnerability that stems...

CVE-2025-39450 WordPress JetTabs plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTabs allows DOM-Based XSS.This issue affects JetTabs: from n/a through 2.2.7...

WordPress JetTabs plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetTabs versions = 2.2.7...

CVE-2024-7146 JetTabs <= 2.2.3 - Authenticated (Contributor+) Arbitrary Local File Inclusion

The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcherpreset' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files ...

CVE-2024-7146

CVE-2024-7146 affects JetTabs for Elementor (WordPress plugin) up to v2.2.3. It allows authenticated users with Contributor-level access and above to perform Local File Inclusion via the switcher_preset parameter, enabling inclusion/ execution of arbitrary PHP code on the server and potentially b...