cleantalk
Vulnerabilities and Security Researches

JetFormBuilder — Dynamic Blocks Form Builder, CVE-2023-48763

CVE, Research URL

CVE-2023-48763

Home page URL

Security reports for JetFormBuilder — Dynamic Blocks Form Builder

Application

JetFormBuilder — Dynamic Blocks Form Builder

Published on
Apr 24, 2024
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4.
Affected versions
Min -, max 3.1.5.
Status
vulnerable
Previous vulnerability researches
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2024-7291) , Aug 04, 2024
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2025-53990) , Jul 20, 2025
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2023-48763) , Jun 06, 2024
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2023-33212) , Jun 06, 2024
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2023-37866) , Jun 06, 2024
New vulnerability
Temporarily Hidden Content (CVE-2025-7658) , Jul 21, 2025
Testimonial Post type (CVE-2025-5800) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7369) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7354) , Jul 21, 2025
Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7697) , Jul 21, 2025