cbcvebase.

Crocoblock Jetelements For Elementor vulnerabilities

13 known vulnerabilities affecting crocoblock/jetelements_for_elementor.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH4MEDIUM8

Vulnerabilities

Page 1 of 1
CVE-2023-48760P2CRITICALCVSS 9.8Exploited≥ n/a, ≤ 2.6.132024-06-19
CVE-2023-48760 [CRITICAL] CWE-862 CVE-2023-48760: Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetEl Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.
nvd
CVE-2023-39157P3HIGHCVSS 8.8≥ n/a, ≤ 2.6.102023-12-31
CVE-2023-39157 [HIGH] CWE-94 CVE-2023-39157: Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements Fo Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10.
nvd
CVE-2025-39447P3HIGHCVSS 7.5≤ 2.7.4.12025-05-19
CVE-2025-39447 [HIGH] CWE-862 CVE-2025-39447: Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Acce Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1.
nvd
CVE-2023-48759P3HIGHCVSS 7.5≥ n/a, ≤ 2.6.132024-06-19
CVE-2023-48759 [HIGH] CWE-862 CVE-2023-48759: Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetEl Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.
nvd
CVE-2023-48762P3HIGHCVSS 8.8fixed in 2.6.13.1≥ n/a, ≤ 2.6.132023-12-18
CVE-2023-48762 [HIGH] CWE-352 CVE-2023-48762: Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor.This issue a Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.
nvd
CVE-2023-48761P3MEDIUMCVSS 6.3≥ n/a, ≤ 2.6.132024-06-19
CVE-2023-48761 [MEDIUM] CWE-862 CVE-2023-48761: Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetEl Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.
nvd
CVE-2025-53983P4MEDIUMCVSS 6.5≤ 2.7.72025-08-20
CVE-2025-53983 [MEDIUM] CWE-201 CVE-2025-53983: Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elemen Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elementor jet-elements allows Retrieve Embedded Sensitive Data.This issue affects JetElements For Elementor: from n/a through <= 2.7.7.
nvd
CVE-2025-49939P4MEDIUMCVSS 6.5≤ 2.7.82025-10-22
CVE-2025-49939 [MEDIUM] CWE-79 CVE-2025-49939: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.8.
nvd
CVE-2025-53982P4MEDIUMCVSS 6.5≤ 2.7.72025-07-16
CVE-2025-53982 [MEDIUM] CWE-79 CVE-2025-53982: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.7.
nvd
CVE-2026-24958P4MEDIUMCVSS 6.5≤ 2.7.12.22026-02-03
CVE-2026-24958 [MEDIUM] CWE-79 CVE-2026-24958: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.2.
nvd
CVE-2025-55714P4MEDIUMCVSS 6.5≤ 2.7.92025-08-14
CVE-2025-55714 [MEDIUM] CWE-79 CVE-2025-55714: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.9.
nvd
CVE-2025-64355P4MEDIUMCVSS 6.5≤ 2.7.122025-12-18
CVE-2025-64355 [MEDIUM] CWE-79 CVE-2025-64355: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.
nvd
CVE-2025-39448P4MEDIUMCVSS 6.5≤ 2.7.4.12025-05-19
CVE-2025-39448 [MEDIUM] CWE-79 CVE-2025-39448: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1.
nvd
Crocoblock Jetelements For Elementor vulnerabilities | cvebase