The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a “carousel” type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked.
[
{
"product": "Jetpack – WP Security, Backup, Speed, & Growth",
"vendor": "Automattic",
"versions": [
{
"lessThan": "9.8",
"status": "affected",
"version": "9.8",
"versionType": "custom"
}
]
}
]