Search
Search Results (13 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-13459 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder, Wordpress | 2026-07-02 | 5.3 Medium |
| The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to retrieve every distinct value stored under any arbitrary wp_postmeta key on the site — including WooCommerce billing PII such as _billing_email, _billing_phone, and _billing_address fields, order totals, attachment paths, and any third-party plugin credentials or tokens stored in post meta — provided at least one published JetFormBuilder form with a get_from_db generator field exists on the site. Exploitation requires that the target site has at least one published jet-form-builder post containing a field whose generator_function is set to get_from_db; an attacker must supply a matching form ID, field name, and generator ID in the request, but all of these can be discovered by browsing the site's public forms. | ||||
| CVE-2026-57347 | 2 Jetmonsters, Wordpress | 2 Hotel Booking Lite, Wordpress | 2026-07-02 | 6.5 Medium |
| Subscriber Sensitive Data Exposure in Hotel Booking Lite <= 6.0.3 versions. | ||||
| CVE-2026-11380 | 2 Jetmonsters, Wordpress | 2 Jetwidgets For Elementor, Wordpress | 2026-07-01 | 6.4 Medium |
| The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animation_effect setting before it is rendered inside an HTML class attribute. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-63078 | 2 Jetmonsters, Wordpress | 2 Restaurant Menu By Motopress, Wordpress | 2026-06-29 | 4.3 Medium |
| Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions. | ||||
| CVE-2026-57644 | 2 Jetmonsters, Wordpress | 2 Restaurant Menu By Motopress, Wordpress | 2026-06-29 | 8.5 High |
| Contributor SQL Injection in Restaurant Menu by MotoPress <= 2.4.10 versions. | ||||
| CVE-2026-54195 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder, Wordpress | 2026-06-17 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | ||||
| CVE-2026-54196 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder, Wordpress | 2026-06-17 | 6.8 Medium |
| Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions. | ||||
| CVE-2026-9228 | 2 Jetmonsters, Wordpress | 2 Timetable And Event Schedule By Motopress, Wordpress | 2026-05-29 | 4.3 Medium |
| The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.16 via the action_get_event_data due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to enumerate timeslot IDs and read the full WP_Post object — including post_content, post_excerpt, post_status, and post_author — of draft, pending, and private mp-event posts belonging to other users, along with their associated raw timeslot descriptions. | ||||
| CVE-2026-8684 | 2 Jetmonsters, Wordpress | 2 Motopress Hotel Booking, Wordpress | 2026-05-22 | 5.3 Medium |
| The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrite or delete the internal notes (_mphb_booking_internal_notes) of any booking by supplying an arbitrary booking ID. The nonce for this action is output in the HTML source of every public page through wp_localize_script (MPHB._data.nonces), so any unauthenticated visitor can obtain a valid nonce and perform the action without any account or prior interaction. | ||||
| CVE-2026-32525 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder, Wordpress | 2026-04-24 | 9.9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6.1. | ||||
| CVE-2026-4373 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder — Dynamic Blocks Form Builder, Wordpress | 2026-04-24 | 7.5 High |
| The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3.5.6.2. This is due to the 'Uploaded_File::set_from_array' method accepting user-supplied file paths from the Media Field preset JSON payload without validating that the path belongs to the WordPress uploads directory. Combined with an insufficient same-file check in 'File_Tools::is_same_file' that only compares basenames, this makes it possible for unauthenticated attackers to exfiltrate arbitrary local files as email attachments by submitting a crafted form request when the form is configured with a Media Field and a Send Email action with file attachment. | ||||
| CVE-2025-8195 | 2 Jetmonsters, Wordpress | 2 Jetwidgets For Elementor, Wordpress | 2026-04-22 | 6.4 Medium |
| The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Comparison and Subscribe widgets in all versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-4413 | 2 Jetmonsters, Wordpress | 2 Hotel Booking Lite, Wordpress | 2026-04-15 | 9.8 Critical |
| The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.11.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | ||||
Page 1 of 1.