Sensitive Data Exposure Vulnerability in Crocoblock JetReviews Plugin
CVE-2026-61975

5.3MEDIUM

Key Information:

Vendor

WordPress

Vendor
CVE Published:
13 July 2026

What is CVE-2026-61975?

The Crocoblock JetReviews plugin contains a vulnerability that allows unauthorized retrieval of embedded sensitive system information, potentially exposing critical user data. This issue affects versions of JetReviews from release up to and including 3.0.1. It is crucial for users to update to the latest version to safeguard their data and maintain the security of their WordPress sites. Protect your website from potential data breaches by staying informed about this vulnerability.

Affected Version(s)

JetReviews 0 <= 3.0.1

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ananda Dhakal (Patchstack)
.