JetEngine

Vulnerabilities 20Slug jet-enginePlugin page →

Minimum safe version

3.8.8.2

Update to 3.8.8.2 or later to address 20 fixable vulnerabilities

N/A

2026-04-30< 3.8.8.2

JetEngine <= 3.8.8.1 - Unauthenticated SQL Injection

Wordfence CVE

N/A

2026-04-13< 3.8.6.2

JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter

Wordfence CVE

N/A

2026-03-23< 3.8.6.2

JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via Listing Grid 'filtered_query' Parameter

Wordfence CVE

High 8.8

2026-03-13< 3.8.4.1

CVE-2026-32355

CVE Wordfence

High 8.5

2026-03-05< 3.8.1.2

CVE-2026-28134

CVE Wordfence

High 7.1

2026-02-20< 3.8.1

CVE-2025-68495

CVE Wordfence

High 7.1

2026-01-22< 3.7.8

CVE-2025-67923

CVE EUVD Wordfence

N/A

2026-01-07< 3.8.1.2

CVE-2025-69333

CVE Wordfence

Medium 6.5

2025-10-22< 3.7.4

CVE-2025-49938

CVE Wordfence

High 8.5

2025-08-20< 3.7.1.1

CVE-2025-53194

CVE EUVD Wordfence

Medium 6.5

2025-08-14< 3.7.2

CVE-2025-54688

CVE EUVD Wordfence

Medium 6.5

2025-08-20< 3.7.1.1

CVE-2025-53196

CVE EUVD Wordfence

Medium 6.5

2025-08-20< 3.7.1.1

CVE-2025-53195

CVE EUVD Wordfence

Medium 6.5

2025-04-15< 3.6.5

CVE-2025-26870

CVE EUVD Wordfence

Medium 6.4

2025-01-17< 3.6.3

WordPress JetEngine Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS)

Patchstack Wordfence CVE

High 8.8

2024-05-17< 3.2.5

CVE-2023-48757

CVE Patchstack Wordfence WPScan

High 7.1

2025-01-02< 3.2.5

CVE-2023-48758

CVE Patchstack Wordfence WPScan

Medium 6.3

2024-06-19< 3.2.5.2

CVE-2023-48761

CVE Patchstack

Medium 6.3

2023-12-18< 3.2.5.2

CVE-2023-48762

CVE Patchstack Wordfence

High 8.8

2023-04-11< 3.1.3.1

WordPress JetEngine Plugin < 3.1.3.1 is vulnerable to Remote Code Execution (RCE)

Patchstack CVE Wordfence WPScan