Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2026-42774: SQL Injection in JetEngine Allows Unauthorized Database Access
CVE-2026-42774
Summary
Crocoblock JetEngine, a WordPress plugin, has a security issue that allows hackers to access and modify your database. This is a serious problem because it can lead to sensitive data being stolen or manipulated. Update JetEngine to the latest version to fix this issue.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection.
This issue affects JetEngine: from n/a through 3.8....
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection.
This issue affects JetEngine: from n/a through 3.8.8.1.
This issue affects JetEngine: from n/a through 3.8.8.1.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 25 May 2026 · Updated: 1 Jun 2026 · First seen: 26 May 2026