CVE-2025-68503 WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through = 2.4.7...

CVE-2025-68503 WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7...

CVE-2025-49932

CVE-2025-49932 : A Stored Cross-Site Scripting (XSS) vulnerability affects CrocoBlock JetBlog (jet-blog) versions up to and including 2.4.4.1. The root cause is improper neutralization of input during web page generation, allowing injected scripts to be stored and later viewed by other users. Imp...

CVE-2025-49932 WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through = 2.4.4.1...

CVE-2025-49932 WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through = 2.4.4.1...

CVE-2025-26958 WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26958 WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...

CVE-2025-26744 WordPress JetBlog plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...

WordPress JetBlog plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetBlog versions = 2.4.3...

WordPress JetBlog Plugin <= 2.3.5 is vulnerable to Broken Access Control

Software JetBlog Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.5.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 536b5555361f Credits Rafie Muhammad Patchstack Required...

WordPress JetBlog Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetBlog Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.5.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID 4f9acfdd963e Credits Rafie Muhammad Patchstack...