GCVE - cpe:2.3:a:crocoblock:jetblog:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:crocoblock:jetblog:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Crocoblock (`ef7ce6af-89c8-5e74-9d86-961d95db36f9`)
Product	Jetblog (`ee3e4108-9b2f-5100-bfde-2f7fca62585a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-68503`	vulnerable	2026-06-03 15:11:03.416867	WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability MEDIUM (6.5) Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through <= 2.4.7. Published: 2025-12-29T21:15:43.312Z Updated: 2026-04-28T16:14:28.840Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-blog/vulnerability/wordpress-jetblog-plugin-2-4-7-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49933`	vulnerable	2026-06-03 15:01:46.337406	WordPress JetBlog plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Reflected XSS.This issue affects JetBlog: from n/a through <= 2.4.4. Published: 2025-10-22T14:32:15.603Z Updated: 2026-04-28T20:25:41.863Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-blog/vulnerability/wordpress-jetblog-plugin-2-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49932`	vulnerable	2026-06-03 15:01:46.337084	WordPress JetBlog plugin <= 2.4.4.1 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows Stored XSS.This issue affects JetBlog: from n/a through <= 2.4.4.1. Published: 2025-10-22T14:32:15.443Z Updated: 2026-04-28T20:25:31.642Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-blog/vulnerability/wordpress-jetblog-plugin-2-4-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26958`	vulnerable	2026-06-03 15:00:08.815070	WordPress JetBlog plugin <= 2.4.3 - Broken Access Control Vulnerability HIGH (7.5) Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlog: from n/a through <= 2.4.3. Published: 2025-04-15T11:59:06.703Z Updated: 2026-04-29T09:51:54.730Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-blog/vulnerability/wordpress-jetblog-2-4-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26744`	vulnerable	2026-06-03 15:00:08.360319	WordPress JetBlog plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlog jet-blog allows DOM-Based XSS.This issue affects JetBlog: from n/a through <= 2.4.3. Published: 2025-04-15T11:59:05.240Z Updated: 2026-04-28T16:11:39.899Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-blog/vulnerability/wordpress-jetblog-plugin-2-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.