GCVE - cpe:2.3:a:crocoblock:jetpopup:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:crocoblock:jetpopup:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Crocoblock (`ef7ce6af-89c8-5e74-9d86-961d95db36f9`)
Product	Jetpopup (`e330c66f-89b6-5e59-8582-52cb72c2ce10`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-68502`	vulnerable	2026-06-03 15:11:03.415733	WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direct Object References (IDOR) vulnerability MEDIUM (4.3) Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup jet-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: from n/a through <= 2.0.20.1. Published: 2025-12-29T21:16:55.539Z Updated: 2026-04-28T16:14:28.908Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-popup/vulnerability/wordpress-jetpopup-plugin-2-0-20-1-insecure-direct-object-references-idor-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53995`	vulnerable	2026-06-03 15:03:55.424180	WordPress JetPopup plugin <= 2.0.15.1 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows Stored XSS.This issue affects JetPopup: from n/a through <= 2.0.15.1. Published: 2025-07-16T10:36:38.974Z Updated: 2026-05-13T00:03:53.508Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-popup/vulnerability/wordpress-jetpopup-plugin-2-0-15-1-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53994`	vulnerable	2026-06-03 15:03:55.423911	WordPress JetPopup plugin <= 2.0.15 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through <= 2.0.15. Published: 2025-07-16T10:36:38.504Z Updated: 2026-05-13T00:03:38.567Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-popup/vulnerability/wordpress-jetpopup-plugin-2-0-15-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53993`	vulnerable	2026-06-03 15:03:55.423584	WordPress JetPopup plugin <= 2.0.15 - Sensitive Data Exposure vulnerability MEDIUM (6.5) Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through <= 2.0.15. Published: 2025-08-20T08:03:06.499Z Updated: 2026-04-29T09:51:55.938Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-popup/vulnerability/wordpress-jetpopup-2-0-15-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26944`	vulnerable	2026-06-03 15:00:08.787693	WordPress JetPopup plugin <= 2.0.11 - Broken Access Control Vulnerability HIGH (7.5) Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11. Published: 2025-04-15T11:59:06.144Z Updated: 2026-04-28T16:11:44.430Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/jet-popup/vulnerability/wordpress-jetpopup-2-0-11-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.