2 matches found
Jetpack Plugin for WordPress Security Bypass
The WordPress Jetpack plugin installed on the remote host is affected by a security bypass vulnerability due to a flaw in the 'class.jetpack.php' script. This can allow a remote, unauthenticated attacker to submit crafted XML-RPC requests that bypass access controls, allowing the attacker to...
CVE-2014-0173
The CVE-2014-0173 issue concerns the WordPress Jetpack plugin: multiple historical versions (up to 2.9.x before 2.9.3, and older branches) fail to properly restrict access to the XML-RPC service, allowing remote attackers to bypass access controls and publish posts via unspecified vectors. The ro...