Lucene search
K

84 matches found

Exploit DB
Exploit DB
added 2023/03/28 12:0 a.m.134 views

Jetpack 11.4 - Cross Site Scripting (XSS)

Exploit Title: Jetpack 11.4 - Cross Site Scripting XSS Date: 2022-10-19 Author: Behrouz Mansoori Software Link: https://wordpress.org/plugins/jetpack Version: 11.4 Tested on: Mac m1 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and ta...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/02/10 12:0 a.m.238 views

WordPress Jetpack 9.1 Plugin - Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and tab...

Exploits0
Positive Technologies
Positive Technologies
added 2021/06/21 12:0 a.m.7 views

PT-2021-15909 · WordPress · Jetpack

Name of the Vulnerable Software and Affected Versions: JetPack WordPress plugin versions prior to 9.8 Description: A security issue was found in the Jetpack Carousel module, which allows users to create image galleries and comment on images. This issue, discovered by nguyenhg vcs, enables the...

5.3CVSS5.3AI score0.01494EPSS
Exploits2References6
CNVD
CNVD
added 2019/09/03 12:0 a.m.4 views

WordPress Jetpack plugin cross-site scripting vulnerability (CNVD-2019-30395)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Jetpack is one of the WordPress site security management tools used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.2AI score0.0095EPSS
Exploits0References1
NVD
NVD
added 2019/08/28 3:15 p.m.14 views

CVE-2015-9359

The Jetpack plugin before 3.4.3 for WordPress has XSS via addqueryarg and removequeryarg...

6.1CVSS6.2AI score0.0095EPSS
Exploits0References2
Prion
Prion
added 2019/08/28 3:15 p.m.19 views

Design/Logic Flaw

The Jetpack plugin before 3.4.3 for WordPress has XSS via addqueryarg and removequeryarg...

4.3CVSS6.1AI score0.0095EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/01/17 12:0 a.m.3 views

WordPress Jetpack plugin cross-site scripting vulnerability (CNVD-2018-01270)

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site. Jetpack is one of the plugin package contains a variety of features such as social sharing, social login and social...

6.1CVSS6.3AI score0.00961EPSS
Exploits0References1
NVD
NVD
added 2018/01/12 7:29 p.m.17 views

CVE-2016-10706

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link...

6.1CVSS6AI score0.00961EPSS
Exploits0References2
NVD
NVD
added 2018/01/12 7:29 p.m.17 views

CVE-2016-10705

The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module...

6.1CVSS6.1AI score0.00952EPSS
Exploits0References2
Prion
Prion
added 2018/01/12 7:29 p.m.14 views

Design/Logic Flaw

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link...

4.3CVSS6AI score0.00961EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/01/12 7:29 p.m.19 views

CVE-2016-10706

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link...

6.1CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 2018/01/12 7:0 p.m.27 views

CVE-2016-10705

The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module...

6.1AI score0.00952EPSS
Exploits0References2
CVE
CVE
added 2018/01/12 7:0 p.m.44 views

CVE-2016-10706

The CVE-2016-10706 affects the WordPress Jetpack plugin prior to version 4.0.3. A cross-site scripting (XSS) vulnerability can be triggered by a specially crafted Vimeo link. Public sources (NVD/Red Hat/CNVD) confirm the issue as a vulnerability in Jetpack’s handling of Vimeo content; the cited r...

6.1CVSS5.9AI score0.00961EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/07/21 12:0 a.m.2 views

WordPress Jetpack Plugin HTML Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language.Jetpack is one of the plugin packages that includes a variety of features such as social sharing, social login and social commenting. An HTML injection vulnerability exists in WordPress...

7.5AI score
Exploits0References1
Hacker One
Hacker One
added 2016/05/31 2:20 a.m.25 views

Trello: XSS in Jetpack plugin

Hey, It seems like you are using an unpatched Jetpack version. Your changelog says so http://blog.trello.com/wp-content/plugins/jetpack/changelog.txt It is known to be vulnerable to XSS Check it https://jetpack.com/2016/05/27/jetpack-4-0-3-critical-security-update/ Please update your plugin. Than...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2016/05/22 8:33 a.m.19 views

Trello: XSS in Jetpack Plugin

The stored XSS bug puts any affected WordPress website at risk of being completely taken over. The issue was fixed earlier this week with the release of Jetpack 3.7.1 and 3.7.2, but anyone who is still running Jetpack 3.7 or lower is vulnerable. I checked and the version of jetpack plugin which y...

5.2AI score
Exploits0
ThreatPost
ThreatPost
added 2015/10/02 9:20 a.m.18 views

WordPress Jetpack Plugin Security Patch

After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently been restored with the discovery of a critical vulnerability in a popular plugin. Insecure plugins have been at the heart of numerous...

6.1AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/04/23 12:0 a.m.223 views

Jetpack Plugin for WordPress Security Bypass

The WordPress Jetpack plugin installed on the remote host is affected by a security bypass vulnerability due to a flaw in the 'class.jetpack.php' script. This can allow a remote, unauthenticated attacker to submit crafted XML-RPC requests that bypass access controls, allowing the attacker to...

5.8CVSS5.6AI score0.02263EPSS
Exploits1References3
NVD
NVD
added 2014/04/22 1:6 p.m.35 views

CVE-2014-0173

The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to...

5.8CVSS6.8AI score0.02263EPSS
Exploits1References4
Prion
Prion
added 2014/04/22 1:6 p.m.21 views

Information disclosure

The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to...

5.8CVSS7.3AI score0.02263EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder