5 matches found
EUVD-2025-10937
Malicious code in bioql PyPI...
CVE-2025-26958
Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through = 2.4.3...
CVE-2025-26744
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through = 2.4.3...
CVE-2025-26958
CVE-2025-26958 affects the WordPress Crocoblock JetBlog (JetBlog for Elementor) up to version 2.4.3. The issue is a Missing Authorization vulnerability that permits accessing functionality not properly constrained by ACLs. Reported across multiple sources (including Patchstack and CVE registries)...
CVE-2025-26744
CVE-2025-26744 is an authenticated stored XSS vulnerability in JetBlog for Elementor. Affected software is JetBlog up to version 2.4.3 (noted as up to 2.4.3 in sources). Wordfence documentation indicates the issue was addressed with JetBlog 2.4.3 (patched). The connected documents also reference ...