Jetmonsters Jetformbuilder vulnerabilities
5 known vulnerabilities affecting jetmonsters/jetformbuilder.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-32525P2CRITICALCVSS 9.9≥ n/a, ≤ <= 3.5.6.12026-03-25
CVE-2026-32525 [CRITICAL] CWE-94 CVE-2026-32525: Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilde
Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6.1.
nvd
CVE-2025-53990P3HIGHCVSS 7.2≤ 3.5.1.22025-07-16
CVE-2025-53990 [HIGH] CWE-502 CVE-2025-53990: Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder jetformbuilder allows
Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Object Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.1.2.
nvd
CVE-2025-64384P4MEDIUMCVSS 5.3≤ 3.5.32025-11-13
CVE-2025-64384 [MEDIUM] CWE-862 CVE-2025-64384: Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting I
Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through <= 3.5.3.
nvd
CVE-2026-54195HIGHCVSS 7.1≥ n/a, ≤ 3.6.0.12026-06-17
CVE-2026-54195 [HIGH] CWE-79 WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability
WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
cvelistv5
CVE-2026-54196MEDIUMCVSS 6.8≥ n/a, ≤ 3.6.12026-06-17
CVE-2026-54196 [MEDIUM] CWE-266 WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability
WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
cvelistv5