CVE-2025-49938

by Fred · 22/10/2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CrocoBlock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.3. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-7-3-cross-site-scripting-xss-vulnerability