Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in JetSearch 3.1.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: November 28, 2023

Crocoblock has released multiple WordPress plugins that contain a vulnerability that could allow a malicious user to gain access to areas of a website they should not be able to access. This issue is due to a missing capability check on an unknown function in multiple versions of the plugins. If exploited, the vulnerability would give an authenticated user with subscriber-level access and above the ability to perform unauthorized actions.

Detected in:

JetBlocks for Elementor fixed vulnerable versions: >= * <= 1.3.8
JetBlog fixed vulnerable versions:
JetBlog for Elementor fixed vulnerable versions: >= * <= 2.3.5
JetCompareWishlist fixed vulnerable versions:
JetCompareWishlist for Elementor fixed vulnerable versions: >= * <= 1.5.5.1
JetElements fixed vulnerable versions: >= * <= 2.6.13
JetEngine fixed vulnerable versions: >= * <= 3.2.5.1
JetMenu fixed vulnerable versions:
JetMenu for Elementor fixed vulnerable versions: >= * <= 2.4.1
JetPopup fixed vulnerable versions: >= * <= 2.0.2
JetProductGallery fixed vulnerable versions: >= * <= 2.1.13.1
JetReviews fixed vulnerable versions:
JetReviews for Elementor fixed vulnerable versions: >= * <= 2.3.2
JetSearch fixed vulnerable versions: >= * <= 3.1.2
JetSmartFilters fixed vulnerable versions:
JetSmartFilters for Elementor fixed vulnerable versions: >= * <= 3.2.2
JetTabs fixed vulnerable versions:
JetTabs for Elementor fixed vulnerable versions: >= * <= 2.1.25.1
JetThemeCore for Elementor fixed vulnerable versions: >= * <= 2.1.2.1
JetTricks fixed vulnerable versions:
JetTricks for Elementor fixed vulnerable versions: >= * <= 1.4.6.1
JetWooBuilder fixed vulnerable versions:
JetWooBuilder for Elementor fixed vulnerable versions: >= * <= 2.1.7.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.