CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57 matches found

RedhatCVE•added 2025/12/30 11:15 p.m.•2 views

CVE-2025-68504

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This issue affects JetSearch: from n/a through = 3.5.16...

6.5CVSS5.9AI score0.00024EPSS

Exploits0References1

Patchstack•added 2025/12/30 5:43 a.m.•5 views

WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin JetSearch versions = 3.5.16...

6.5CVSS6.1AI score0.00024EPSS

Exploits0Affected Software1

EUVD•added 2025/12/30 12:32 a.m.•2 views

EUVD-2025-205655

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch allows DOM-Based XSS.This issue affects JetSearch: from n/a through 3.5.16...

6.5CVSS5.9AI score0.00024EPSS

Exploits0References2

NVD•added 2025/12/29 10:15 p.m.•2 views

CVE-2025-68504

6.5CVSS0.00024EPSS

Exploits0References1

Cvelist•added 2025/12/29 9:14 p.m.•25 views

CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00024EPSS

Exploits0References1

Vulnrichment•added 2025/12/29 9:14 p.m.•2 views

CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.2AI score0.00024EPSS

Exploits0References1

CVE•added 2025/12/29 9:14 p.m.•8 views

CVE-2025-68504

CVE-2025-68504 is a DOM-based XSS in Crocoblock JetSearch for WordPress. Affected: JetSearch up to and including version 3.5.16; requires authenticated access (Contributor+). The issue is a stored cross-site scripting vulnerability during web page generation. Mitigation: update JetSearch to a pat...

6.5CVSS5.9AI score0.00024EPSS

Exploits0References1

Positive Technologies•added 2025/12/29 12:0 a.m.•3 views

PT-2025-53796

Name of the Vulnerable Software and Affected Versions Crocoblock JetSearch versions through 3.5.16 Description A flaw exists in Crocoblock JetSearch that allows for DOM-Based Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The...

6.5CVSS6AI score0.00024EPSS

Exploits0References3

CNNVD•added 2025/12/29 12:0 a.m.•2 views

WordPress plugin JetSearch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.5CVSS5.7AI score0.00024EPSS

Exploits0References2

RedhatCVE•added 2025/10/23 3:14 p.m.•3 views

CVE-2025-49931

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...

9.3CVSS5.9AI score0.00034EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 3:14 p.m.•1 views

CVE-2025-49930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

7.1CVSS5.9AI score0.00075EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•1 views

EUVD-2025-35528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrocoBlock JetSearch jet-search allows Reflected XSS.This issue affects JetSearch: from n/a through = 3.5.10...

5.9AI score0.00075EPSS

Exploits0References2

EUVD•added 2025/10/22 3:31 p.m.•3 views

EUVD-2025-35527

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CrocoBlock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through = 3.5.10...

7.1AI score0.00034EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•1 views

CVE-2025-49930

7.1CVSS0.00075EPSS

Exploits0References1

NVD•added 2025/10/22 3:15 p.m.•4 views

CVE-2025-49931

9.3CVSS0.00034EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•2 views

CVE-2025-49930 WordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerability

7.1CVSS5.2AI score0.00075EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•7 views

CVE-2025-49930

The CVE-2025-49930 entry concerns the WordPress JetSearch plugin (versions through 3.5.10). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation in the jet-search component. Impact per the provided data is reflected XSS ...

7.1CVSS5.9AI score0.00075EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•6 views

CVE-2025-49930 WordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00075EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•16 views

CVE-2025-49931

Summary: CVE-2025-49931 affects CrocoBlock JetSearch (JetSearch) WordPress plugin versions through 3.5.10. The flaw is an improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected component is the JetSearch PHP/SQL handling path (the credentialed root cau...

9.3CVSS5.9AI score0.00034EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•4 views

CVE-2025-49931 WordPress JetSearch plugin <= 3.5.10 - SQL Injection vulnerability

9.3CVSS5.6AI score0.00034EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by