Skip to main content

Jetblocks For Elementor

2 CVEs product

Monthly

CVE-2026-61976 MEDIUM This Month

Sensitive system information exposure in Crocoblock JetBlocks For Elementor (versions through 1.5.0) allows remote unauthenticated attackers to retrieve embedded sensitive data from affected WordPress installations. The flaw, classified under CWE-497, results in unauthorized disclosure of system-level information that should remain restricted to privileged contexts. No public exploit code or active exploitation has been identified at time of analysis, but the absence of authentication requirements lowers the barrier for opportunistic reconnaissance against any site running the vulnerable plugin version.

Information Disclosure Jetblocks For Elementor
NVD VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-48756 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.3.8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jetblocks For Elementor Elementor
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

Sensitive system information exposure in Crocoblock JetBlocks For Elementor (versions through 1.5.0) allows remote unauthenticated attackers to retrieve embedded sensitive data from affected WordPress installations. The flaw, classified under CWE-497, results in unauthorized disclosure of system-level information that should remain restricted to privileged contexts. No public exploit code or active exploitation has been identified at time of analysis, but the absence of authentication requirements lowers the barrier for opportunistic reconnaissance against any site running the vulnerable plugin version.

Information Disclosure Jetblocks For Elementor
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.3.8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jetblocks For Elementor Elementor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy