A vulnerability identified as critical has been detected in Crocoblock JetEngine Plugin up to 3.8.8.1 on WordPress. The affected element is an unknown function. The manipulation leads to sql injection. This vulnerability is documented as CVE-2026-42774 . The attack can be initiated remotely. There is not any exploit available.