WordPress Jetpack plugin < 13.8 - Unauthenticated Arbitrary Block & Shortcode Execution vulnerability

Unauthenticated Arbitrary Block & Shortcode Execution vulnerability discovered by Marc Montpas in WordPress Plugin Jetpack versions 13.8...

WordPress plugin Jetpack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2023-45050 WordPress Jetpack Plugin <= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1...

WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking

Software Jetpack Type Plugin Vulnerable versions 12.7 Fixed in 12.7 OWASP Top 10 A3: Injection Classification Clickjacking CVE CVE-2023-47774 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 18fefcc21cac Credits Rafie Muhammad Patchstack Required privilege Contributor...

WordPress Jetpack Plugin < 12.7 is vulnerable to Broken Access Control

Software Jetpack Type Plugin Vulnerable versions 12.7 Fixed in 12.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47788 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 78da756327ec Credits Rafie Muhammad Patchstack Required...

WordPress Jetpack Plugin <= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)

Software Jetpack Type Plugin Vulnerable versions = 12.8-a.1 Fixed in 12.8-a.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45050 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8bdf519cb2b8 Credits Rafie Muhammad Patchstack Required...

WordPress plugin Jetpack 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error vulnerabilit...

WordPress JetPack Plugin Arbitrary File Manipulation Vulnerability (CVE-2023-2996)

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:automattic:jetpack"; if description...

WordPress Jetpack Plugin <= 12.1 is vulnerable to Broken Access Control

Software Jetpack Type Plugin Vulnerable versions = 12.1 Fixed in 12.1.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority High CVSS severity High 9 Developer Claim ownership PSID e45930af254c Credits Jetpack Required privilege Author Published 30...

Jetpack Plugin for WordPress Security Bypass

The WordPress Jetpack plugin installed on the remote host is affected by a security bypass vulnerability due to a flaw in the 'class.jetpack.php' script. This can allow a remote, unauthenticated attacker to submit crafted XML-RPC requests that bypass access controls, allowing the attacker to...