Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:27 a.m.3 views

CVE-2023-45050

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1...

6.5CVSS6.7AI score0.00275EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:14 a.m.3 views

CVE-2024-9926

The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form...

4.3CVSS6.7AI score0.22802EPSS
Exploits3References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:12 a.m.8 views

CVE-2023-47788

Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a before 12.7...

4.3CVSS6.9AI score0.00212EPSS
Exploits0
Cvelist
Cvelistadded 2025/05/15 8:6 p.m.10 views

CVE-2024-10076 Jetpack < 13.8, Boost < 3.4.8 - Contributor+ Stored XSS

The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn’t, ultimately making it possible for contributor and abo...

0.0017EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/05/15 12:0 a.m.2 views

WordPress plugin Jetpack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.6CVSS5.9AI score0.00276EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/12/25 6:0 a.m.18 views

CVE-2024-10858 Jetpack 13.0-14.0 - Unauthenticated DOM-XSS

The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com...

0.00057EPSS
Exploits1References1
GithubExploit
GithubExploitadded 2024/11/01 2:3 p.m.520 views

Exploit for CVE-2024-9926

wordpress-jetpack-broken-access-control-exploit This is a Pyt...

4.3CVSS4.3AI score0.22802EPSS
Exploits3
OSV
OSVadded 2024/04/24 4:15 p.m.1 views

CVE-2023-47774

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7...

5.4CVSS5.4AI score
Exploits0References1
Veracode
Veracodeadded 2017/09/05 1:24 p.m.6 views

Timing Attack

automattic/jetpack is vulnerable to timing attacks. This vulnerability is caused because the secrets are not compared in constant time, allowing malicious users to guess the valid secrets based on the time that a comparison takes...

6.5AI score
Exploits0
Rows per page
Query Builder