CVE-2025-53195

Name: Websites susceptible to CVE-2025-53195
Creator: WebTechSurvey

CVE-2025-53195

WordPress JetEngine plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.0.

We have discovered 40,452 live websites that are affected by CVE-2025-53195.

Run a Free Instant Scan

Affected Software


Product	Crocoblock JetEngine
Category	Wordpress Plugins
Vulnerable Domains	40,452 live websites (48% of Crocoblock JetEngine install base)
Vulnerable Versions	from 0 through 3.7
Vulnerable Versions Count	159 versions ( 88% of all versions)

Common Weakness Enumeration

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Available Reports

Website List

Details

Published - Aug 20, 2025
Updated - Aug 20, 2025

Credits

stealthcopter (Patchstack Alliance) (finder)

CVE References

CWE References

cwe.mitre.org

CWE

CWE-79

Website Distribution by Country

Number of websites using CVE-2025-53195

United States	8,629 websites

Brazil	4,514 websites
Germany	3,038 websites
Spain	1,859 websites
France	1,753 websites
Iran	1,607 websites
Israel	1,484 websites
GB	1,472 websites
Netherlands	1,382 websites
Italy	1,245 websites

Website Distribution by TLD

Number of websites using CVE-2025-53195

.com	14,487 websites
.com.br	4,077 websites
.de	1,460 websites
.org	1,343 websites
.nl	1,257 websites
.it	932 websites
.co.uk	832 websites
.es	781 websites
.ru	774 websites
.fr	662 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-53195

Top websites that are affected by CVE-2025-53195. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*****************.net	GB	,*
*********.com	United States	,*
******.com	United States	,*
**********.com	United States	,*
****.com	Germany	,*
*****.it	Italy	,*
******.com	Austria	,*
******.com	Iran	,*
***********.io	United States	,*
*******..il	United States	,*

See full domain list

FAQ

CVE-2025-53195 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crocoblock JetEngine

A total of 40,452 websites have been identified as vulnerable to CVE-2025-53195, based on global website indexing conducted by WebTechSurvey.

The Crocoblock JetEngine is affected by the CVE-2025-53195 vulnerability.

Crocoblock JetEngine versions up to and including 3.7 are vulnerable to CVE-2025-53195.

References

https://patchstack.com/database/wordpress/plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-7-0-cross-site-scripting-xss-vulnerability?_s_id=cve

CVE-2025-53195

Affected Software

Common Weakness Enumeration

Available Reports

Details

Credits

CVE References

CWE References

CWE

Website Distribution by Country

Website Distribution by TLD

Vulnerable Versions

Websites affected by CVE-2025-53195

What type of vulnerability is CVE-2025-53195?

How many websites are affected by the CVE-2025-53195 vulnerability?

Which technology is affected by CVE-2025-53195?

Which versions of Crocoblock JetEngine are vulnerable to CVE-2025-53195?

References