cbcvebase.

Jetmonsters Jetformbuilder vulnerabilities

5 known vulnerabilities affecting jetmonsters/jetformbuilder.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2026-32525P2CRITICALCVSS 9.9≥ n/a, ≤ <= 3.5.6.12026-03-25
CVE-2026-32525 [CRITICAL] CWE-94 CVE-2026-32525: Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilde Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6.1.
nvd
CVE-2025-53990P3HIGHCVSS 7.2≤ 3.5.1.22025-07-16
CVE-2025-53990 [HIGH] CWE-502 CVE-2025-53990: Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Deserialization of Untrusted Data vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Object Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.1.2.
nvd
CVE-2025-64384P4MEDIUMCVSS 5.3≤ 3.5.32025-11-13
CVE-2025-64384 [MEDIUM] CWE-862 CVE-2025-64384: Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting I Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through <= 3.5.3.
nvd
CVE-2026-54195HIGHCVSS 7.1≥ n/a, ≤ 3.6.0.12026-06-17
CVE-2026-54195 [HIGH] CWE-79 WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
cvelistv5
CVE-2026-54196MEDIUMCVSS 6.8≥ n/a, ≤ 3.6.12026-06-17
CVE-2026-54196 [MEDIUM] CWE-266 WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
cvelistv5
Jetmonsters Jetformbuilder vulnerabilities | cvebase