Cross-site Scripting Vulnerability in Crocoblock JetSmartFilters
CVE-2025-54009
6.5MEDIUM
What is CVE-2025-54009?
A Cross-site Scripting (XSS) vulnerability exists in the Crocoblock JetSmartFilters plugin, allowing attackers to inject malicious scripts into web pages. This stored XSS issue affects versions up to 3.6.8, and it can lead to unauthorized access and data exposure when exploited by malicious actors. Users are encouraged to review their JetSmartFilters installation and implement necessary updates to safeguard their applications.
Affected Version(s)
JetSmartFilters <= 3.6.8