Crocoblock Jetsearch
6 CVEs affecting Crocoblock Jetsearch. Latest disclosed: 2025-12-29. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49931 | Critical | 9.3 | 2025-10-22 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injectio… |
CVE-2025-49930 | High | 7.1 | 2025-10-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Reflected XSS.This… |
CVE-2025-68504 | Medium | 6.5 | 2025-12-29 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This… |
CVE-2025-53996 | Medium | 6.5 | 2025-07-16 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows Stored XSS.This is… |
CVE-2025-31043 | Medium | 6.5 | 2025-03-31 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSearch jet-search allows DOM-Based XSS.This… |
CVE-2024-7136 | Medium | 6.4 | 2024-08-16 | The JetSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.5.2 due to insuf… |