SQL Injection Vulnerability in CrocoBlock JetSearch Plugin
CVE-2025-49931
9.3CRITICAL
What is CVE-2025-49931?
The CrocoBlock JetSearch plugin suffers from an SQL Injection vulnerability that allows for blind SQL injection attacks. This weakness enables attackers to manipulate SQL queries by injecting malicious code. The affected version is JetSearch up to and including 3.5.10, making it crucial for users to update their installations to mitigate potential exploitation risks.
Affected Version(s)
JetSearch <= n/a