CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7...

5.4CVSS8.5AI score0.00041EPSS

Exploits0References1

NVD•added 2025/05/15 7:15 p.m.•13 views

CVE-2024-56006

Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1...

5.3CVSS0.00229EPSS

Exploits0References1

CVE•added 2025/05/15 6:24 p.m.•28 views

CVE-2024-56006

CVE-2024-56006 is a Missing Authorization (Broken Access Control) vulnerability in Automattic Jetpack Debug Tools for WordPress. Affected versions are prior to 2.0.1; the issue enables unauthenticated access to the Jetpack Debug Tools functionality. The CVSS base score is 5.3 (Network attack, no ...

5.3CVSS8.6AI score0.00229EPSS

Exploits0References1

Vulnrichment•added 2025/05/15 6:24 p.m.•7 views

CVE-2024-56006 WordPress Jetpack Debug Tools plugin < 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1...

5.3CVSS7.2AI score0.00229EPSS

Exploits0References1

Positive Technologies•added 2025/05/15 12:0 a.m.•2 views

PT-2025-21353 · Automattic · Jetpack Debug Tools

Name of the Vulnerable Software and Affected Versions: Automattic Jetpack Debug Tools version prior to 2.0.1 Description: A Missing Authorization issue affects the Jetpack Debug Tools, allowing potential unauthorized access. Recommendations: For versions prior to 2.0.1, update to version 2.0.1 or...

5.3CVSS6.2AI score0.00229EPSS

Exploits0References3

OSV•added 2024/06/19 11:15 a.m.•1 views

CVE-2023-47788

Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a before 12.7...

8.8CVSS5.4AI score

Exploits0References1

NVD•added 2024/06/19 11:15 a.m.•29 views

CVE-2023-47788

Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a before 12.7...

8.8CVSS0.00212EPSS

Exploits0References1

Vulnrichment•added 2024/06/19 10:33 a.m.•25 views

CVE-2023-47788 WordPress Jetpack plugin < 12.7 - Contributor+ Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a before 12.7...

4.3CVSS6.9AI score0.00212EPSS

Exploits0References1

NVD•added 2024/04/24 4:15 p.m.•15 views

CVE-2023-47774

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7...

5.4CVSS5.5AI score0.00041EPSS

Exploits0References1

Positive Technologies•added 2024/04/24 12:0 a.m.•2 views

PT-2024-13488

Name of the Vulnerable Software and Affected Versions Automattic Jetpack versions prior to 12.7 Description The issue is related to an Improper Restriction of Rendered UI Layers or Frames vulnerability, which allows Clickjacking. Recommendations For versions prior to 12.7, update to version 12.7 ...

5.4CVSS8.2AI score0.00041EPSS

Exploits0References4

NVD•added 2023/11/30 12:15 p.m.•9 views

CVE-2023-45050

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1...

6.5CVSS0.00275EPSS

Exploits1References2

OSV•added 2023/11/30 12:15 p.m.•15 views

CVE-2023-45050

5.4CVSS6.7AI score

Exploits0References2

Prion•added 2023/11/30 12:15 p.m.•10 views

Cross site scripting

4.9CVSS6.9AI score0.00275EPSS

Exploits1References2Affected Software1

CVE•added 2023/11/30 12:7 p.m.•73 views

CVE-2023-45050

CVE-2023-45050 is a Cross-site Scripting (Stored XSS) in Automattic Jetpack – WP Security, Backup, Speed, & Growth (Jetpack) up to version 12.8-a.1. Root cause: improper neutralization of input during web page generation. Affected product: Jetpack plugin for WordPress. Public fix: version 12.8-a....

6.5CVSS6.7AI score0.00275EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/11/30 12:7 p.m.•16 views

CVE-2023-45050 WordPress Jetpack Plugin <= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)

6.5CVSS6.6AI score0.00275EPSS

Exploits1References2

Veracode•added 2017/09/05 1:36 p.m.•11 views

Cross-site Scripting (XSS)

automattic/jetpack is vulnerable to cross-site scripting XSS attacks. The library doesn't properly escape the $header parameter in the modules/shortcodes/wufoo.php file, allowing a malicious user to inject and execute arbitrary JavaScript...

6.1AI score

Exploits0

Veracode•added 2017/09/05 1:24 p.m.•7 views

Timing Attack

automattic/jetpack is vulnerable to timing attacks. This vulnerability is caused because the secrets are not compared in constant time, allowing malicious users to guess the valid secrets based on the time that a comparison takes...

6.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by