GCVE - cpe:2.3:a:crocoblock:jetelements_for

Approved changes feed: RSS · Atom

cpe:2.3:a:crocoblock:jetelements_for_elementor:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Crocoblock (`ef7ce6af-89c8-5e74-9d86-961d95db36f9`)
Product	Jetelements For Elementor (`e1684597-dd5a-5b94-b315-ee74a7ab1b20`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-24958`	vulnerable	2026-06-03 15:16:53.676685	WordPress JetElements For Elementor plugin <= 2.7.12.2 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12.2. Published: 2026-02-03T14:08:34.584Z Updated: 2026-04-28T16:14:51.923Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-2-7-12-2-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-64355`	vulnerable	2026-06-03 15:09:37.799567	WordPress JetElements For Elementor plugin <= 2.7.12 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows DOM-Based XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.12. Published: 2025-12-18T16:16:33.764Z Updated: 2026-04-28T16:14:14.266Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-2-7-12-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-55714`	vulnerable	2026-06-03 15:04:59.057266	WordPress JetElements For Elementor Plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.9. Published: 2025-08-14T18:21:24.869Z Updated: 2026-04-28T16:13:37.418Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-plugin-2-7-9-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53983`	vulnerable	2026-06-03 15:03:55.413632	WordPress JetElements For Elementor <= 2.7.7 - Sensitive Data Exposure Vulnerability MEDIUM (6.5) Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetElements For Elementor jet-elements allows Retrieve Embedded Sensitive Data.This issue affects JetElements For Elementor: from n/a through <= 2.7.7. Published: 2025-08-20T08:03:09.330Z Updated: 2026-04-29T09:51:55.603Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-2-7-7-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53982`	vulnerable	2026-06-03 15:03:55.413292	WordPress JetElements For Elementor plugin <= 2.7.7 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.7. Published: 2025-07-16T10:36:10.369Z Updated: 2026-04-28T16:13:27.132Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-2-7-7-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49939`	vulnerable	2026-06-03 15:01:46.349074	WordPress JetElements For Elementor plugin <= 2.7.8 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.8. Published: 2025-10-22T14:32:17.061Z Updated: 2026-04-28T20:26:11.314Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-2-7-8-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-39448`	vulnerable	2026-06-03 15:01:02.381572	WordPress JetElements For Elementor plugin <= 2.7.4.1 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1. Published: 2025-05-19T17:33:17.762Z Updated: 2026-04-28T16:12:31.890Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-plugin-2-7-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-39447`	vulnerable	2026-06-03 15:01:02.381216	WordPress JetElements For Elementor plugin <= 2.7.4.1 - Broken Access Control Vulnerability HIGH (7.5) Missing Authorization vulnerability in Crocoblock JetElements For Elementor jet-elements allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through <= 2.7.4.1. Published: 2025-05-19T18:51:31.986Z Updated: 2026-04-29T09:51:55.028Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-elements/vulnerability/wordpress-jetelements-for-elementor-2-7-4-1-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-48762`	vulnerable	2026-06-03 14:53:19.762447	WordPress JetElements For Elementor Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (6.3) Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. Published: 2023-12-18T16:16:41.450Z Updated: 2026-04-28T16:08:54.962Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-13-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-48761`	vulnerable	2026-06-03 14:53:19.762056	WordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerability MEDIUM (6.3) Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. Published: 2024-06-19T10:20:17.368Z Updated: 2026-04-28T16:08:54.940Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-13-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-48760`	vulnerable	2026-06-03 14:53:19.761675	WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Broken Access Control vulnerability HIGH (8.2) Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. Published: 2024-06-19T10:21:33.025Z Updated: 2026-04-28T16:08:54.933Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-13-unauthenticated-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-48759`	vulnerable	2026-06-03 14:53:19.760596	WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Arbitrary Attachment Download vulnerability HIGH (7.5) Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. Published: 2024-06-19T10:32:09.929Z Updated: 2026-04-28T16:08:54.995Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-13-unauthenticated-arbitrary-attachment-download-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-39157`	vulnerable	2026-06-03 14:52:37.824021	WordPress JetElements For Elementor Plugin <= 2.6.10 is vulnerable to Remote Code Execution (RCE) CRITICAL (9) Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.10. Published: 2023-12-31T10:04:01.077Z Updated: 2026-04-28T16:08:34.487Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-10-authenticated-remote-code-execution-rce-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Jetelements For Elementor

PURL mappings

Vulnerability references

Contribute