Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

jetmonsters — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting jetmonsters. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products jetmonsters:Getwid – Gutenberg BlocksJetWidgets For ElementorStratum Widgets for ElementorJetFormBuilder — Dynamic Blocks Form BuilderRestaurant Menu by MotoPressJetFormBuilderTimetable and Event Schedule by MotoPressMotoPress Hotel BookingMega Menu BlockGetwidHotel Booking LiteStratum
CVE IDTitleCVSSSeverityPaused
CVE-2026-32525 WordPress JetFormBuilder plugin <= 3.5.6.1 - Remote Code Execution (RCE) vulnerability — JetFormBuilderCWE-94 9.8 -2026-03-25
CVE-2026-4373 JetFormBuilder <= 3.5.6.2 - Unauthenticated Arbitrary File Read via Media Field — JetFormBuilder — Dynamic Blocks Form BuilderCWE-36 7.5 High2026-03-21
CVE-2025-69013 WordPress Stratum plugin <= 1.6.1 - Broken Access Control vulnerability — StratumCWE-862 4.3 Medium2025-12-30
CVE-2025-66078 WordPress Hotel Booking Lite plugin <= 5.2.3 - Remote Code Execution (RCE) vulnerability — Hotel Booking LiteCWE-94 9.1 Critical2025-12-18
CVE-2025-49914 WordPress Restaurant Menu by MotoPress plugin <= 2.4.7 - Sensitive Data Exposure vulnerability — Restaurant Menu by MotoPressCWE-497 6.2AIMediumAI2025-12-18
CVE-2025-11991 JetFormBuilder <= 3.5.3 - Missing Authorization to Unauthenticated Form Generation — JetFormBuilder — Dynamic Blocks Form BuilderCWE-862 5.3 Medium2025-12-16
CVE-2025-8195 JetWidgets For Elementor <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets — JetWidgets For ElementorCWE-79 6.4 Medium2025-12-13
CVE-2025-64384 WordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerability — JetFormBuilderCWE-862 5.3 Medium2025-11-13
CVE-2025-58252 WordPress Getwid Plugin <= 2.1.2 - Sensitive Data Exposure Vulnerability — GetwidCWE-201 4.3 Medium2025-09-22
CVE-2025-7845 Stratum – Elementor Widgets <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets — Stratum Widgets for ElementorCWE-79 6.4 Medium2025-08-01
CVE-2025-54038 WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability — Restaurant Menu by MotoPressCWE-352 5.4 Medium2025-07-16
CVE-2025-53990 WordPress JetFormBuilder plugin <= 3.5.1.2 - PHP Object Injection Vulnerability — JetFormBuilderCWE-502 7.2 High2025-07-16
CVE-2025-48258 WordPress Mega Menu Block plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability — Mega Menu BlockCWE-79 6.5 Medium2025-05-19
CVE-2025-30846 WordPress Restaurant Menu by MotoPress plugin <= 2.4.4 - Local File Inclusion vulnerability — Restaurant Menu by MotoPressCWE-98 8.8 High2025-03-27
CVE-2024-13642 Stratum – Elementor Widgets <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerability via Image Hotspot Widget — Stratum Widgets for ElementorCWE-79 6.4 Medium2025-01-30
CVE-2024-10316 Stratum – Elementor Widgets <= 1.4.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates — Stratum Widgets for ElementorCWE-200 4.3 Medium2024-11-21
CVE-2024-10872 Getwid – Gutenberg Blocks <= 2.0.12 - Authenticated (Contributor+) Stored Cross-Site Scripting — Getwid – Gutenberg BlocksCWE-79 6.4 Medium2024-11-20
CVE-2024-10323 JetWidgets For Elementor <= 1.0.18 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — JetWidgets For ElementorCWE-79 6.4 Medium2024-11-12
CVE-2020-36840 Timetable and Event Schedule by MotoPress <= 2.3.8 - Missing Authorization — Timetable and Event Schedule by MotoPressCWE-862 7.3 High2024-10-16
CVE-2024-7291 JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation — JetFormBuilder — Dynamic Blocks Form BuilderCWE-269 7.2 High2024-08-03
CVE-2024-6489 Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authorization to Google API key update — Getwid – Gutenberg BlocksCWE-862 5.3 Medium2024-07-20
CVE-2024-6491 Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authentication to MailChimp API key update — Getwid – Gutenberg BlocksCWE-862 4.3 Medium2024-07-20
CVE-2024-4626 JetWidgets For Elementor <= 1.0.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_type and id Parameters — JetWidgets For ElementorCWE-79 6.4 Medium2024-06-20
CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget — Stratum Widgets for ElementorCWE-79 6.4 Medium2024-06-15
CVE-2024-4413 Hotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object Injection — MotoPress Hotel BookingCWE-502 9.8 Critical2024-05-10
CVE-2024-3588 Getwid – Gutenberg Blocks <= 2.0.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Countdown' — Getwid – Gutenberg BlocksCWE-79 6.4 Medium2024-05-02
CVE-2024-3342 Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection — Timetable and Event Schedule by MotoPressCWE-89 9.9 Critical2024-04-27
CVE-2024-2138 JetWidgets For Elementor <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Box Widget — JetWidgets For ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-2507 JetWidgets For Elementor <= 1.0.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Button URL — JetWidgets For ElementorCWE-79 6.4 Medium2024-04-09
CVE-2024-1948 Getwid – Gutenberg Blocks <= 2.0.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Block Content — Getwid – Gutenberg BlocksCWE-79 6.4 Medium2024-04-09

This page lists every published CVE security advisory associated with jetmonsters. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.