Crocoblock — Vulnerabilities & Security Advisories 87

Browse all 87 CVE security advisories affecting Crocoblock. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-22279	WordPress JetCompareWishlist plugin <= 1.5.9 - Local File Inclusion vulnerability — JetCompareWishlistCWE-98	7.5	High	2025-04-10
CVE-2025-30963	WordPress JetSmartFilters plugin <= 3.6.3 - Cross Site Scripting (XSS) vulnerability — JetSmartFiltersCWE-79	6.5	Medium	2025-03-31
CVE-2025-31412	WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability — JetProductGalleryCWE-79	6.5	Medium	2025-03-31
CVE-2025-30987	WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability — JetBlocks For ElementorCWE-79	6.5	Medium	2025-03-31
CVE-2025-31016	WordPress JetWooBuilder plugin <= 2.1.18 - Local File Inclusion vulnerability — JetWooBuilderCWE-98	7.5	High	2025-03-31
CVE-2025-31043	WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability — JetSearchCWE-79	6.5	Medium	2025-03-31
CVE-2025-0371	Jet Elements <= 2.7.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — JetElementsCWE-79	6.4	Medium	2025-01-21
CVE-2025-0369	Jet Engine <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via list_tag Parameter — JetEngineCWE-79	6.4	Medium	2025-01-18
CVE-2023-48758	WordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerability — JetEngineCWE-862	8.1	-	2025-01-02
CVE-2024-43221	WordPress JetGridBuilder plugin <= 1.1.2 - Local File Inclusion vulnerability — JetGridBuilderCWE-22	8.5	High	2024-08-19
CVE-2024-7144	JetElements <= 2.6.20 - Authenticated (Contributor+) Stored Cross-Site Scripting — JetElementsCWE-79	6.4	Medium	2024-08-16
CVE-2024-7145	JetElements <= 2.6.20 - Authenticated (Contributor+) Arbitrary Local File Inclusion — JetElementsCWE-22	8.8	High	2024-08-16
CVE-2024-7146	JetTabs <= 2.2.3 - Authenticated (Contributor+) Arbitrary Local File Inclusion — JetTabsCWE-22	8.8	High	2024-08-16
CVE-2024-7136	JetSearch <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — JetSearchCWE-79	6.4	Medium	2024-08-16
CVE-2024-7147	JetBlocks <= 1.3.12 - Authenticated (Contributor+) Stored Cross-Site Scripting — JetBlocks for ElementorCWE-79	6.4	Medium	2024-08-16
CVE-2024-38772	WordPress JetWidgets for Elementor and WooCommerce plugin <= 1.1.7 - Contributor+ Limited Local File Inclusion vulnerability — JetWidgets for Elementor and WooCommerceCWE-22	6.5	Medium	2024-08-01
CVE-2024-37497	WordPress JetThemeCore plugin < 2.2.1 - Subscriber+ Arbitrary File Deletion vulnerability — JetThemeCoreCWE-22	7.7	High	2024-07-09
CVE-2023-48759	WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Arbitrary Attachment Download vulnerability — JetElements For ElementorCWE-862	7.5	High	2024-06-19
CVE-2023-48760	WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Broken Access Control vulnerability — JetElements For ElementorCWE-862	8.2	High	2024-06-19
CVE-2023-48761	WordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerability — JetElements For ElementorCWE-862	6.3	Medium	2024-06-19
CVE-2023-48757	WordPress JetEngine plugin <= 3.2.4 - Privilege Escalation vulnerability — JetEngineCWE-269	8.8	High	2024-05-17
CVE-2023-37866	WordPress JetFormBuilder plugin <= 3.0.8 - Authenticated Privilege Escalation vulnerability — JetFormBuilderCWE-269	7.2	High	2024-05-17
CVE-2023-48763	WordPress JetFormBuilder plugin <= 3.1.4 - Content Injection vulnerability — JetFormBuilderCWE-80	5.3	Medium	2024-04-24
CVE-2023-39157	WordPress JetElements For Elementor Plugin <= 2.6.10 is vulnerable to Remote Code Execution (RCE) — JetElements For ElementorCWE-94	9.0	Critical	2023-12-31
CVE-2023-48762	WordPress JetElements For Elementor Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF) — JetElements For ElementorCWE-352	6.3	Medium	2023-12-18
CVE-2023-48756	WordPress JetBlocks For Elementor Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS) — JetBlocks For ElementorCWE-79	7.1	High	2023-12-14
CVE-2023-33212	WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF) — JetFormBuilder — Dynamic Blocks Form BuilderCWE-352	4.3	Medium	2023-05-28

This page lists every published CVE security advisory associated with Crocoblock. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Crocoblock — Vulnerabilities & Security Advisories 87