Jetpack Security Vulnerabilities and Issues — Jetpack CVE List

Lucene search

AutomatticJetpack

5 matches found

CVE•added 2023/11/30 12:15 p.m.•64 views

CVE-2023-45050

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1.

6.5CVSS6.1AI score0.00275EPSS

CVE•added 2019/08/28 3:15 p.m.•49 views

CVE-2015-9359

The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().

6.1CVSS6AI score0.00439EPSS

CVE•added 2018/01/12 7:29 p.m.•40 views

CVE-2016-10705

The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module.

6.1CVSS6AI score0.00207EPSS

CVE•added 2024/12/25 6:15 a.m.•38 views

CVE-2024-10858

The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com.

6.1CVSS6.5AI score0.00036EPSS

CVE•added 2018/01/12 7:29 p.m.•27 views

CVE-2016-10706

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link.

6.1CVSS5.9AI score0.00207EPSS