Vulnerabilities in Crocoblock
89 resultsCVE-2023-48758HIGHWordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-7147MEDIUMJetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-7136MEDIUMJetSearch <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-0371MEDIUMJet Elements <= 2.7.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.3%CVE-2026-3496HIGHJetBooking <= 4.0.3 - Unauthenticated SQL Injection via 'check_in_date' ParameterEPSS 0.3%CVE-2025-68503MEDIUMWordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-48761MEDIUMWordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67923HIGHWordPress JetEngine plugin <= 3.7.7 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2023-33212MEDIUMWordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-53195MEDIUMWordPress JetEngine plugin <= 3.7.0 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.3%CVE-2024-7144MEDIUMJetElements <= 2.6.20 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2023-48762MEDIUMWordPress JetElements For Elementor Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-68502MEDIUMWordPress JetPopup plugin <= 2.0.20.1 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-28134HIGHWordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerabilityEPSS 0.2%CVE-2025-49930HIGHWordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-26870MEDIUMWordPress JetEngine plugin <= 3.6.4.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-68498MEDIUMWordPress JetTabs plugin <= 2.2.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53989MEDIUMWordPress JetBlocks For Elementor plugin <= 1.3.19 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2025-53994MEDIUMWordPress JetPopup plugin <= 2.0.15 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2025-53984MEDIUMWordPress JetTabs plugin <= 2.2.9 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%