Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Crocoblock — Vulnerabilities & Security Advisories 87

Browse all 87 CVE security advisories affecting Crocoblock. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Crocoblock:JetEngineJetElements For ElementorJetBlocks For ElementorJetTabsJetSearchJetBlogJetPopupJetWooBuilderJetTricksJetSmartFiltersJetElementsJetMenuJetProductGalleryJetReviewsJetFormBuilderJetFormBuilder — Dynamic Blocks Form BuilderJetBookingJetCompareWishlistJetGridBuilderJetWidgets for Elementor and WooCommerceJetThemeCore
CVE IDTitleCVSSSeverityPublished
CVE-2026-4352 JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter — JetEngineCWE-89 7.5 High2026-04-14
CVE-2026-4662 JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via Listing Grid 'filtered_query' Parameter — JetEngineCWE-89 7.5 High2026-03-24
CVE-2026-32355 WordPress JetEngine plugin < 3.8.4.1 - Deserialization of untrusted data vulnerability — JetEngineCWE-502 9.8 -2026-03-13
CVE-2026-3496 JetBooking <= 4.0.3 - Unauthenticated SQL Injection via 'check_in_date' Parameter — JetBookingCWE-89 7.5 High2026-03-11
CVE-2026-28134 WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability — JetEngineCWE-94 9.8 -2026-03-05
CVE-2025-68495 WordPress JetEngine plugin <= 3.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — JetEngineCWE-79 6.1AIMediumAI2026-02-20
CVE-2026-24958 WordPress JetElements For Elementor plugin <= 2.7.12.2 - Cross Site Scripting (XSS) vulnerability — JetElements For ElementorCWE-79 6.1AIMediumAI2026-02-03
CVE-2025-67923 WordPress JetEngine plugin <= 3.7.7 - Cross Site Scripting (XSS) vulnerability — JetEngineCWE-79 6.1AIMediumAI2026-01-22
CVE-2025-69333 WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability — JetEngineCWE-862 4.3 Medium2026-01-07
CVE-2025-68498 WordPress JetTabs plugin <= 2.2.12 - Broken Access Control vulnerability — JetTabsCWE-862 6.5 Medium2025-12-29
CVE-2025-68499 WordPress JetTabs plugin <= 2.2.12 - Cross Site Scripting (XSS) vulnerability — JetTabsCWE-79 6.5 Medium2025-12-29
CVE-2025-68502 WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direct Object References (IDOR) vulnerability — JetPopupCWE-639 4.3 Medium2025-12-29
CVE-2025-68503 WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability — JetBlogCWE-862 6.5 Medium2025-12-29
CVE-2025-68504 WordPress JetSearch plugin <= 3.5.16 - Cross Site Scripting (XSS) vulnerability — JetSearchCWE-79 6.5 Medium2025-12-29
CVE-2025-64355 WordPress JetElements For Elementor plugin <= 2.7.12 - Cross Site Scripting (XSS) vulnerability — JetElements For ElementorCWE-79 6.5 Medium2025-12-18
CVE-2025-49939 WordPress JetElements For Elementor plugin <= 2.7.8 - Cross Site Scripting (XSS) vulnerability — JetElements For ElementorCWE-79 5.4AIMediumAI2025-10-22
CVE-2025-49938 WordPress JetEngine plugin <= 3.7.3 - Cross Site Scripting (XSS) vulnerability — JetEngineCWE-79 5.4AIMediumAI2025-10-22
CVE-2025-49933 WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability — JetBlogCWE-79 6.1AIMediumAI2025-10-22
CVE-2025-49934 WordPress JetBlocks For Elementor plugin <= 1.3.18 - Cross Site Scripting (XSS) vulnerability — JetBlocks For ElementorCWE-79 6.5 Medium2025-10-22
CVE-2025-49931 WordPress JetSearch plugin <= 3.5.10 - SQL Injection vulnerability — JetSearchCWE-89 9.3 Critical2025-10-22
CVE-2025-49930 WordPress JetSearch plugin <= 3.5.10 - Cross Site Scripting (XSS) vulnerability — JetSearchCWE-79 6.1AIMediumAI2025-10-22
CVE-2025-49932 WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability — JetBlogCWE-79 5.4AIMediumAI2025-10-22
CVE-2025-49928 WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability — JetWooBuilderCWE-79 6.1AIMediumAI2025-10-22
CVE-2025-49927 WordPress JetWooBuilder plugin <= 2.1.20.1 - Cross Site Scripting (XSS) vulnerability — JetWooBuilderCWE-79 5.4AIMediumAI2025-10-22
CVE-2025-49921 WordPress JetReviews plugin <= 3.0.0 - Local File Inclusion vulnerability — JetReviewsCWE-98 7.5 High2025-10-22
CVE-2025-53194 WordPress JetEngine <= 3.7.0 - Remote Code Execution (RCE) Vulnerability — JetEngineCWE-82 8.5 High2025-08-20
CVE-2025-53195 WordPress JetEngine plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability — JetEngineCWE-79 6.5 Medium2025-08-20
CVE-2025-53196 WordPress JetEngine <= 3.7.0 - Sensitive Data Exposure Vulnerability — JetEngineCWE-201 7.5 -2025-08-20
CVE-2025-53983 WordPress JetElements For Elementor <= 2.7.7 - Sensitive Data Exposure Vulnerability — JetElements For ElementorCWE-201 7.5 -2025-08-20
CVE-2025-53985 WordPress JetTabs <= 2.2.9 - Sensitive Data Exposure Vulnerability — JetTabsCWE-201 7.5 -2025-08-20

This page lists every published CVE security advisory associated with Crocoblock. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.