Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Jetmonsters | JetFormBuilder | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Jetmonsters | Jetformbuilder | 100% |
|
||||||||
| Wordpress | Wordpress | 80% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
Vendor Solution
Update the WordPress JetFormBuilder Plugin to the latest available version (at least 3.6.1).
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 17 Jun 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Jetmonsters
Jetmonsters jetformbuilder Wordpress Wordpress wordpress |
|
| Vendors & Products |
Jetmonsters
Jetmonsters jetformbuilder Wordpress Wordpress wordpress |
Wed, 17 Jun 2026 11:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | |
| Title | WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-17T15:29:52.435Z
Reserved: 2026-06-12T09:16:00.860Z
Link: CVE-2026-54195
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-17T14:00:09Z
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')