cleantalk
Vulnerabilities and Security Researches

JetFormBuilder — Dynamic Blocks Form Builder, CVE-2026-54195

CVE, Research URL

CVE-2026-54195

Home page URL

Security reports for JetFormBuilder — Dynamic Blocks Form Builder

Application

JetFormBuilder — Dynamic Blocks Form Builder

Published on
Jun 17, 2026
Research Description
Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
Affected versions
max 3.6.1.
Status
vulnerable
Previous vulnerability researches
Counter Box &#8211; WordPress plugin for countdown, timer, counter (cfe2da43056241c4303faf595a6ccc93f16fd6b6) , Jun 16, 2026
Counter Box &#8211; WordPress plugin for countdown, timer, counter (CVE-2023-2362) , Jun 07, 2024
Counter Box &#8211; WordPress plugin for countdown, timer, counter (CVE-2024-3481) , Jun 07, 2024
Counter Box &#8211; WordPress plugin for countdown, timer, counter (CVE-2022-29446) , Jun 07, 2024
Counter Box &#8211; WordPress plugin for countdown, timer, counter (CVE-2022-2245) , Jun 07, 2024
New vulnerability
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2026-11357) , Jun 18, 2026
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2026-54196) , Jun 18, 2026
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2026-54195) , Jun 18, 2026
Counter Box &#8211; WordPress plugin for countdown, timer, counter (CVE-2026-12115) , Jun 18, 2026
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2026-12165) , Jun 18, 2026