CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2025-49939

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through = 2.7.8...

RedhatCVE•added 2025/10/23 3:14 p.m.•3 views

CVE-2025-49928

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows DOM-Based XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20...

CVE-2025-49934

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.18...

7.5CVSS5.9AI score0.00117EPSS

CVE-2025-49921

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through = 3.0.0...

7.1CVSS5.9AI score0.00075EPSS

CVE-2025-49930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

EUVD•added 2025/10/22 3:31 p.m.•1 views

EUVD-2025-35524

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetBlocks For Elementor jet-blocks allows Stored XSS.This issue affects JetBlocks For Elementor: from n/a through = 1.3.18...

5.5AI score0.00075EPSS

Exploits0References2

EUVD•added 2025/10/22 3:31 p.m.•2 views

EUVD-2025-35531

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetWooBuilder jet-woo-builder allows Stored XSS.This issue affects JetWooBuilder: from n/a through = 2.1.20.1...

5.5AI score0.00075EPSS

Exploits0References2

CVE-2025-49938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through = 3.7.3...

CVE-2025-49939

CVE-2025-49932

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through = 2.4.4.1...

CVE-2025-49934

CVE•added 2025/10/22 2:32 p.m.•5 views

CVE-2025-49934

CVE-2025-49934 affects CrocoBlock JetBlocks For Elementor (WordPress plugin) up to version 1.3.18, with a stored XSS due to improper neutralization of input during web page generation in the jet-blocks component. Potential impact is stored XSS affecting users viewing pages. Remediation: upgrade t...