84 matches found
CVE-2014-0173
The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to...
CVE-2014-0173
The CVE-2014-0173 issue concerns the WordPress Jetpack plugin: multiple historical versions (up to 2.9.x before 2.9.3, and older branches) fail to properly restrict access to the XML-RPC service, allowing remote attackers to bypass access controls and publish posts via unspecified vectors. The ro...
CVE-2011-4673
CVE-2011-4673 affects the WordPress Jetpack plugin, specifically the modules/sharedaddy.php component. The vulnerability allows remote attackers to execute arbitrary SQL commands via the id parameter, indicating a SQL injection in that file. The issue is tied to the Jetpack plugin for WordPress a...
WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection
Exploit Title: WordPress jetpack plugin SQL Injection Vulnerability Date: 2011-19-11 Author: longrifle0x software: Wordpress Download:http://wordpress.org/extend/plugins/jetpack/ Tools: SQLMAP DESCRIPTION Discovered a vulnerability in jetpack, Wordpress Plugin, vulnerability is SQL injection...