CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...

CVE-2025-49930

The CVE-2025-49930 entry concerns the WordPress JetSearch plugin (versions through 3.5.10). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation in the jet-search component. Impact per the provided data is reflected XSS ...

WordPress JetSearch Cross-Site Scripting Vulnerability

WordPress JetSearch is an AJAX-based search plugin for WordPress , designed for Elementor editor , providing a fast , flexible and beautiful search experience . WordPress JetSearch suffers from a cross-site scripting vulnerability that stems from improper input neutralization, which can be...

WordPress JetSearch plugin <= 3.5.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter in WordPress Plugin JetSearch versions = 3.5.10...

WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetSearch versions = 3.5.10.1...

CVE-2025-53996 WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Stored XSS.This issue affects JetSearch: from n/a through = 3.5.10.1...

CVE-2025-31043

CVE-2025-31043 : JetSearch (WordPress plugin) has a DOM-based cross-site scripting (XSS) vulnerability in the JetSearch component due to improper input handling during web page generation. Affected: JetSearch versions up to 3.5.7 (requires authenticated access at Contributor+ level). Impact: stor...

CVE-2025-31043 WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound JetSearch allows DOM-Based XSS. This issue affects JetSearch: from n/a through 3.5.7...

WordPress JetSearch Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS)

Software JetSearch Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7136 Patch priority Low CVSS severity Low 6.5 Developer Crocoblock PSID 9a2d0419a5d9 Credits stealthcopter Required privilege...

WordPress JetSearch Plugin <= 3.1.2 is vulnerable to Broken Access Control

Software JetSearch Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 7a898b33b365 Credits Rafie Muhammad Patchstack Requir...