jetmonsters
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting jetmonsters.
- CVE-2026-54196WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability6.8
- CVE-2026-54195WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability7.1
- CVE-2026-9228Timetable and Event Schedule by MotoPress <= 2.4.16 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via action_get_event_data Function4.3
- CVE-2026-8684MotoPress Hotel Booking <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary Booking Notes Modification via mphb_update_booking_notes AJAX Action5.3
- CVE-2026-32525WordPress JetFormBuilder plugin <= 3.5.6.1 - Remote Code Execution (RCE) vulnerability9.9
- CVE-2026-4373JetFormBuilder <= 3.5.6.2 - Unauthenticated Arbitrary File Read via Media Field7.5
- CVE-2025-69013WordPress Stratum plugin <= 1.6.1 - Broken Access Control vulnerability4.3
- CVE-2025-66078WordPress Hotel Booking Lite plugin <= 5.2.3 - Remote Code Execution (RCE) vulnerability9.1
- CVE-2025-49914WordPress Restaurant Menu by MotoPress plugin <= 2.4.7 - Sensitive Data Exposure vulnerability6.5
- CVE-2025-11991JetFormBuilder <= 3.5.3 - Missing Authorization to Unauthenticated Form Generation5.3
- CVE-2025-8195JetWidgets For Elementor <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets6.4
- CVE-2025-64384WordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerability5.3
- CVE-2025-58252WordPress Getwid Plugin <= 2.1.2 - Sensitive Data Exposure Vulnerability4.3
- CVE-2025-7845Stratum – Elementor Widgets <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets6.4
- CVE-2025-54038WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability5.4