Lucene search
WPScanCVELIST:CVE-2021-24374HistoryJun 21, 2021 - 7:18 p.m.
CVE-2021-24374 Jetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak
2021-06-2119:18:21
CWE-639
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
46.4%
The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a “carousel” type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked.
CNA Affected
[
{
"product": "Jetpack – WP Security, Backup, Speed, & Growth",
"vendor": "Automattic",
"versions": [
{
"lessThan": "9.8",
"status": "affected",
"version": "9.8",
"versionType": "custom"
}
]
}
]Related
wpexploit
wpexploit
prion
prion
Design/Logic Flaw
2021-06-21 20:15:00
github
github
JetPack Exposure of Resource to Wrong Sphere
2022-05-24 19:05:47
openvas
openvas
WordPress JetPack Plugin < 9.8 IDOR Vulnerability
2023-04-26 00:00:00
nvd
nvd
CVE-2021-24374
2021-06-21 20:15:08
cve
cve
CVE-2021-24374
2021-06-21 20:15:08
wpvulndb
wpvulndb
gitlab
gitlab
Exposure of Resource to Wrong Sphere
2021-06-21 00:00:00
patchstack
patchstack
osv
osv
JetPack Exposure of Resource to Wrong Sphere
2022-05-24 19:05:47