CVE-2025-68502
- EPSS 0.03%
- Veröffentlicht 29.12.2025 21:16:55
- Zuletzt bearbeitet 15.04.2026 00:35:42
Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup jet-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetPopup: from n/a through <= 2.0.20.1.
CVE-2025-53993
- EPSS 0.03%
- Veröffentlicht 20.08.2025 08:03:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through <= 2.0.15.
CVE-2025-53994
- EPSS 0.05%
- Veröffentlicht 16.07.2025 10:36:38
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through <= 2.0.15.
CVE-2025-53995
- EPSS 0.05%
- Veröffentlicht 16.07.2025 10:36:38
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetPopup jet-popup allows Stored XSS.This issue affects JetPopup: from n/a through <= 2.0.15.1.
CVE-2025-26944
- EPSS 0.12%
- Veröffentlicht 15.04.2025 11:59:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11.