Unauthenticated SQL Injection Vulnerability in JetEngine by Crocoblock
CVE-2026-56068
9.3CRITICAL
What is CVE-2026-56068?
The JetEngine plugin by Crocoblock has a significant vulnerability that allows for unauthenticated SQL injection. This flaw can be exploited by attackers to execute arbitrary SQL commands on the database, potentially compromising sensitive data and affecting website integrity. Users of JetEngine versions up to 3.8.10.2 are advised to take immediate action to safeguard their installations.
Affected Version(s)
JetEngine <= 3.8.10.2