Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for Jetpack by Unknown
CVE-2024-10076 (GCVE-0-2024-10076)
Vulnerability from cvelistv5 – Published: 2025-05-15 20:06 – Updated: 2025-05-20 16:03
VLAI
Title
Jetpack < 13.8, Boost < 3.4.8 - Contributor+ Stored XSS
Summary
The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn’t, ultimately making it possible for contributor and above users to perform Stored XSS attacks
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/15f278f6-0418-4c… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
0 , < 13.8
(semver)
|
|
| Unknown | Jetpack Boost |
Affected:
0 , < 3.4.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10076",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T15:47:11.845919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:03:22.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/15f278f6-0418-4c83-b925-b1a2d8c53e2f/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack Boost",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.4.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn\u2019t, ultimately making it possible for contributor and above users to perform Stored XSS attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:06:40.424Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/15f278f6-0418-4c83-b925-b1a2d8c53e2f/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.8, Boost \u003c 3.4.8 - Contributor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10076",
"datePublished": "2025-05-15T20:06:40.424Z",
"dateReserved": "2024-10-17T09:02:05.021Z",
"dateUpdated": "2025-05-20T16:03:22.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10075 (GCVE-0-2024-10075)
Vulnerability from cvelistv5 – Published: 2025-05-15 20:06 – Updated: 2025-05-20 16:10
VLAI
Title
Jetpack < 13.8 - Unauthenticated Arbitrary Block & Shortcode Execution
Summary
The Jetpack WordPress plugin before 13.8 does not ensure that the post created by the Contact Form is only accessible to authorised users, which could allow unauthenticated users to run arbitrary shortcodes and block.
Severity
5.6 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/a984976c-291a-4f… | exploitvdb-entrytechnical-description |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10075",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:08:22.976995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:10:57.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/a984976c-291a-4f68-90d4-e452605ea7d1/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 13.8 does not ensure that the post created by the Contact Form is only accessible to authorised users, which could allow unauthenticated users to run arbitrary shortcodes and block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:06:40.225Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/a984976c-291a-4f68-90d4-e452605ea7d1/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.8 - Unauthenticated Arbitrary Block \u0026 Shortcode Execution",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10075",
"datePublished": "2025-05-15T20:06:40.225Z",
"dateReserved": "2024-10-17T08:50:53.381Z",
"dateUpdated": "2025-05-20T16:10:57.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10858 (GCVE-0-2024-10858)
Vulnerability from cvelistv5 – Published: 2024-12-25 06:00 – Updated: 2024-12-26 19:53
VLAI
Title
Jetpack 13.0-14.0 - Unauthenticated DOM-XSS
Summary
The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com.
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/7fecba37-d718-4d… | exploitvdb-entrytechnical-description |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10858",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T19:52:57.866186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T19:53:41.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "14.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eldar (hakupiku)"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-25T06:00:02.663Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack 13.0-14.0 - Unauthenticated DOM-XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10858",
"datePublished": "2024-12-25T06:00:02.663Z",
"dateReserved": "2024-11-05T13:26:58.545Z",
"dateUpdated": "2024-12-26T19:53:41.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9926 (GCVE-0-2024-9926)
Vulnerability from cvelistv5 – Published: 2024-11-07 15:02 – Updated: 2024-11-07 19:53
VLAI
Title
Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access
Summary
The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/669382af-f836-48… | exploitvdb-entrytechnical-description |
Impacted products
102 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
13.9 , < 13.9.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.8 , < 13.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.7 , < 13.7.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.6 , < 13.6.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.5 , < 13.5.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.4 , < 13.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.3 , < 13.3.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.2 , < 13.2.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.1 , < 13.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.0 , < 13.0.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.9 , < 12.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.8 , < 12.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.7 , < 12.7.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.6 , < 12.6.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.5 , < 12.5.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.4 , < 12.4.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.3 , < 12.3.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.2 , < 12.2.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.1 , < 12.1.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.0 , < 12.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.9 , < 11.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.8 , < 11.8.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.7 , < 11.7.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.6 , < 11.6.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.5 , < 11.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.4 , < 11.4.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.3 , < 11.3.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.2 , < 11.2.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.1 , < 11.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.0 , < 11.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.9 , < 10.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.8 , < 10.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.7 , < 10.7.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.6 , < 10.6.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.5 , < 10.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.4 , < 10.4.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.3 , < 10.3.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.2 , < 10.2.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.1 , < 10.1.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.0 , < 10.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.9 , < 9.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.8 , < 9.8.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.7 , < 9.7.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.6 , < 9.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.5 , < 9.5.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.4 , < 9.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.3 , < 9.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.2 , < 9.2.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.1 , < 9.1.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.0 , < 9.0.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.9 , < 8.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.8 , < 8.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.7 , < 8.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.6 , < 8.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.5 , < 8.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.4 , < 8.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.3 , < 8.3.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.2 , < 8.2.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.1 , < 8.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.0 , < 8.0.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.9 , < 7.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.8 , < 7.8.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.7 , < 7.7.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.6 , < 7.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.5 , < 7.5.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.4 , < 7.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.3 , < 7.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.2 , < 7.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.1 , < 7.1.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.0 , < 7.0.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.9 , < 6.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.8 , < 6.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.7 , < 6.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.6 , < 6.6.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.5 , < 6.5.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.4 , < 6.4.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.3 , < 6.3.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.2 , < 6.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.1 , < 6.1.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.0 , < 6.0.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.9 , < 5.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.8 , < 5.8.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.7 , < 5.7.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.6 , < 5.6.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.5 , < 5.5.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.4 , < 5.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.3 , < 5.3.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.2 , < 5.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.1 , < 5.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.0 , < 5.0.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.9 , < 4.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.8 , < 4.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.7 , < 4.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.6 , < 4.6.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.5 , < 4.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.4 , < 4.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.3 , < 4.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.2 , < 4.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.1.0 , < 4.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.0.0 , < 4.0.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
3.9.2 , < 3.9.10
(semver)
|
|
| automattic | jetpack |
Affected:
13.9 , < 13.9.1
(semver)
Affected: 13.8 , < 13.8.2 (semver) Affected: 13.7 , < 13.7.1 (semver) Affected: 13.6 , < 13.6.1 (semver) Affected: 13.5 , < 13.5.1 (semver) Affected: 13.4 , < 13.4.4 (semver) Affected: 13.3 , < 13.3.2 (semver) Affected: 13.2 , < 13.2.3 (semver) Affected: 13.1 , < 13.1.4 (semver) Affected: 13.0 , < 13.0.1 (semver) Affected: 12.9 , < 12.9.4 (semver) Affected: 12.8 , < 12.8.2 (semver) Affected: 12.7 , < 12.7.2 (semver) Affected: 12.6 , < 12.6.3 (semver) Affected: 12.5 , < 12.5.1 (semver) Affected: 12.4 , < 12.4.1 (semver) Affected: 12.3 , < 12.3.1 (semver) Affected: 12.2 , < 12.2.2 (semver) Affected: 12.1 , < 12.1.2 (semver) Affected: 12.0 , < 12.0.2 (semver) Affected: 11.9 , < 11.9.3 (semver) Affected: 11.8 , < 11.8.6 (semver) Affected: 11.7 , < 11.7.3 (semver) Affected: 11.6 , < 11.6.2 (semver) Affected: 11.5 , < 11.5.3 (semver) Affected: 11.4 , < 11.4.2 (semver) Affected: 11.3 , < 11.3.4 (semver) Affected: 11.2 , < 11.2.2 (semver) Affected: 11.1 , < 11.1.4 (semver) Affected: 11.0 , < 11.0.2 (semver) Affected: 10.9 , < 10.9.3 (semver) Affected: 10.8 , < 10.8.2 (semver) Affected: 10.7 , < 10.7.2 (semver) Affected: 10.6 , < 10.6.2 (semver) Affected: 10.5 , < 10.5.3 (semver) Affected: 10.4 , < 10.4.2 (semver) Affected: 10.3 , < 10.3.2 (semver) Affected: 10.2 , < 10.2.3 (semver) Affected: 10.1 , < 10.1.2 (semver) Affected: 10.0 , < 10.0.2 (semver) Affected: 9.9 , < 9.9.3 (semver) Affected: 9.8 , < 9.8.3 (semver) Affected: 9.7 , < 9.7.3 (semver) Affected: 9.6 , < 9.6.4 (semver) Affected: 9.5 , < 9.5.5 (semver) Affected: 9.4 , ≤ 9.4.4 (semver) Affected: 9.3 , < 9.3.5 (semver) Affected: 9.2 , < 9.2.4 (semver) Affected: 9.1 , < 9.1.3 (semver) Affected: 9.0 , < 9.0.5 (semver) Affected: 8.9 , < 8.9.4 (semver) Affected: 8.8 , < 8.8.5 (semver) Affected: 8.7 , < 8.7.4 (semver) Affected: 8.6 , < 8.6.4 (semver) Affected: 8.5 , < 8.5.3 (semver) Affected: 8.4 , < 8.4.5 (semver) Affected: 8.3 , < 8.3.3 (semver) Affected: 8.2 , < 8.2.6 (semver) Affected: 8.1 , < 8.1.4 (semver) Affected: 8.0 , < 8.0.3 (semver) Affected: 7.9 , < 7.9.4 (semver) Affected: 7.8 , < 7.8.4 (semver) Affected: 7.7 , < 7.7.6 (semver) Affected: 7.6 , < 7.6.4 (semver) Affected: 7.5 , < 7.5.7 (semver) Affected: 7.4 , < 7.4.5 (semver) Affected: 7.3 , < 7.3.5 (semver) Affected: 7.2 , < 7.2.5 (semver) Affected: 7.1 , < 7.1.5 (semver) Affected: 7.0 , < 7.0.5 (semver) Affected: 6.9 , < 6.9.4 (semver) Affected: 6.8 , < 6.8.5 (semver) Affected: 6.7 , < 6.7.4 (semver) Affected: 6.6 , < 6.6.5 (semver) Affected: 6.5 , < 6.5.4 (semver) Affected: 6.4 , < 6.4.6 (semver) Affected: 6.3 , < 6.3.7 (semver) Affected: 6.2 , < 6.2.5 (semver) Affected: 6.1 , < 6.1.5 (semver) Affected: 6.0 , < 6.0.4 (semver) Affected: 5.9 , < 5.9.4 (semver) Affected: 5.8 , < 5.8.4 (semver) Affected: 5.7 , < 5.7.5 (semver) Affected: 5.6 , < 5.6.5 (semver) Affected: 5.5 , < 5.5.5 (semver) Affected: 5.4 , < 5.4.4 (semver) Affected: 5.3 , < 5.3.4 (semver) Affected: 5.2 , < 5.2.5 (semver) Affected: 5.1 , < 5.1.4 (semver) Affected: 5.0 , < 5.0.3 (semver) Affected: 4.9 , < 4.9.3 (semver) Affected: 4.8 , < 4.8.5 (semver) Affected: 4.7 , < 4.7.4 (semver) Affected: 4.6 , < 4.6.3 (semver) Affected: 4.5 , < 4.5.3 (semver) Affected: 4.4 , < 4.4.5 (semver) Affected: 4.3 , < 4.3.5 (semver) Affected: 4.2 , < 4.2.5 (semver) Affected: 4.1.0 , < 4.1.4 (semver) Affected: 4.0.0 , < 4.0.7 (semver) Affected: 3.9.2 , < 3.9.10 (semver) cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "jetpack",
"vendor": "automattic",
"versions": [
{
"lessThan": "13.9.1",
"status": "affected",
"version": "13.9",
"versionType": "semver"
},
{
"lessThan": "13.8.2",
"status": "affected",
"version": "13.8",
"versionType": "semver"
},
{
"lessThan": "13.7.1",
"status": "affected",
"version": "13.7",
"versionType": "semver"
},
{
"lessThan": "13.6.1",
"status": "affected",
"version": "13.6",
"versionType": "semver"
},
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.5",
"versionType": "semver"
},
{
"lessThan": "13.4.4",
"status": "affected",
"version": "13.4",
"versionType": "semver"
},
{
"lessThan": "13.3.2",
"status": "affected",
"version": "13.3",
"versionType": "semver"
},
{
"lessThan": "13.2.3",
"status": "affected",
"version": "13.2",
"versionType": "semver"
},
{
"lessThan": "13.1.4",
"status": "affected",
"version": "13.1",
"versionType": "semver"
},
{
"lessThan": "13.0.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
},
{
"lessThan": "12.9.4",
"status": "affected",
"version": "12.9",
"versionType": "semver"
},
{
"lessThan": "12.8.2",
"status": "affected",
"version": "12.8",
"versionType": "semver"
},
{
"lessThan": "12.7.2",
"status": "affected",
"version": "12.7",
"versionType": "semver"
},
{
"lessThan": "12.6.3",
"status": "affected",
"version": "12.6",
"versionType": "semver"
},
{
"lessThan": "12.5.1",
"status": "affected",
"version": "12.5",
"versionType": "semver"
},
{
"lessThan": "12.4.1",
"status": "affected",
"version": "12.4",
"versionType": "semver"
},
{
"lessThan": "12.3.1",
"status": "affected",
"version": "12.3",
"versionType": "semver"
},
{
"lessThan": "12.2.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
},
{
"lessThan": "12.1.2",
"status": "affected",
"version": "12.1",
"versionType": "semver"
},
{
"lessThan": "12.0.2",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "11.9.3",
"status": "affected",
"version": "11.9",
"versionType": "semver"
},
{
"lessThan": "11.8.6",
"status": "affected",
"version": "11.8",
"versionType": "semver"
},
{
"lessThan": "11.7.3",
"status": "affected",
"version": "11.7",
"versionType": "semver"
},
{
"lessThan": "11.6.2",
"status": "affected",
"version": "11.6",
"versionType": "semver"
},
{
"lessThan": "11.5.3",
"status": "affected",
"version": "11.5",
"versionType": "semver"
},
{
"lessThan": "11.4.2",
"status": "affected",
"version": "11.4",
"versionType": "semver"
},
{
"lessThan": "11.3.4",
"status": "affected",
"version": "11.3",
"versionType": "semver"
},
{
"lessThan": "11.2.2",
"status": "affected",
"version": "11.2",
"versionType": "semver"
},
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1",
"versionType": "semver"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
},
{
"lessThan": "10.9.3",
"status": "affected",
"version": "10.9",
"versionType": "semver"
},
{
"lessThan": "10.8.2",
"status": "affected",
"version": "10.8",
"versionType": "semver"
},
{
"lessThan": "10.7.2",
"status": "affected",
"version": "10.7",
"versionType": "semver"
},
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "semver"
},
{
"lessThan": "10.5.3",
"status": "affected",
"version": "10.5",
"versionType": "semver"
},
{
"lessThan": "10.4.2",
"status": "affected",
"version": "10.4",
"versionType": "semver"
},
{
"lessThan": "10.3.2",
"status": "affected",
"version": "10.3",
"versionType": "semver"
},
{
"lessThan": "10.2.3",
"status": "affected",
"version": "10.2",
"versionType": "semver"
},
{
"lessThan": "10.1.2",
"status": "affected",
"version": "10.1",
"versionType": "semver"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "9.9.3",
"status": "affected",
"version": "9.9",
"versionType": "semver"
},
{
"lessThan": "9.8.3",
"status": "affected",
"version": "9.8",
"versionType": "semver"
},
{
"lessThan": "9.7.3",
"status": "affected",
"version": "9.7",
"versionType": "semver"
},
{
"lessThan": "9.6.4",
"status": "affected",
"version": "9.6",
"versionType": "semver"
},
{
"lessThan": "9.5.5",
"status": "affected",
"version": "9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.4.4",
"status": "affected",
"version": "9.4",
"versionType": "semver"
},
{
"lessThan": "9.3.5",
"status": "affected",
"version": "9.3",
"versionType": "semver"
},
{
"lessThan": "9.2.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
},
{
"lessThan": "9.1.3",
"status": "affected",
"version": "9.1",
"versionType": "semver"
},
{
"lessThan": "9.0.5",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThan": "8.9.4",
"status": "affected",
"version": "8.9",
"versionType": "semver"
},
{
"lessThan": "8.8.5",
"status": "affected",
"version": "8.8",
"versionType": "semver"
},
{
"lessThan": "8.7.4",
"status": "affected",
"version": "8.7",
"versionType": "semver"
},
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6",
"versionType": "semver"
},
{
"lessThan": "8.5.3",
"status": "affected",
"version": "8.5",
"versionType": "semver"
},
{
"lessThan": "8.4.5",
"status": "affected",
"version": "8.4",
"versionType": "semver"
},
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.3",
"versionType": "semver"
},
{
"lessThan": "8.2.6",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.1.4",
"status": "affected",
"version": "8.1",
"versionType": "semver"
},
{
"lessThan": "8.0.3",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.9.4",
"status": "affected",
"version": "7.9",
"versionType": "semver"
},
{
"lessThan": "7.8.4",
"status": "affected",
"version": "7.8",
"versionType": "semver"
},
{
"lessThan": "7.7.6",
"status": "affected",
"version": "7.7",
"versionType": "semver"
},
{
"lessThan": "7.6.4",
"status": "affected",
"version": "7.6",
"versionType": "semver"
},
{
"lessThan": "7.5.7",
"status": "affected",
"version": "7.5",
"versionType": "semver"
},
{
"lessThan": "7.4.5",
"status": "affected",
"version": "7.4",
"versionType": "semver"
},
{
"lessThan": "7.3.5",
"status": "affected",
"version": "7.3",
"versionType": "semver"
},
{
"lessThan": "7.2.5",
"status": "affected",
"version": "7.2",
"versionType": "semver"
},
{
"lessThan": "7.1.5",
"status": "affected",
"version": "7.1",
"versionType": "semver"
},
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "6.9.4",
"status": "affected",
"version": "6.9",
"versionType": "semver"
},
{
"lessThan": "6.8.5",
"status": "affected",
"version": "6.8",
"versionType": "semver"
},
{
"lessThan": "6.7.4",
"status": "affected",
"version": "6.7",
"versionType": "semver"
},
{
"lessThan": "6.6.5",
"status": "affected",
"version": "6.6",
"versionType": "semver"
},
{
"lessThan": "6.5.4",
"status": "affected",
"version": "6.5",
"versionType": "semver"
},
{
"lessThan": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "semver"
},
{
"lessThan": "6.3.7",
"status": "affected",
"version": "6.3",
"versionType": "semver"
},
{
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2",
"versionType": "semver"
},
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1",
"versionType": "semver"
},
{
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0",
"versionType": "semver"
},
{
"lessThan": "5.9.4",
"status": "affected",
"version": "5.9",
"versionType": "semver"
},
{
"lessThan": "5.8.4",
"status": "affected",
"version": "5.8",
"versionType": "semver"
},
{
"lessThan": "5.7.5",
"status": "affected",
"version": "5.7",
"versionType": "semver"
},
{
"lessThan": "5.6.5",
"status": "affected",
"version": "5.6",
"versionType": "semver"
},
{
"lessThan": "5.5.5",
"status": "affected",
"version": "5.5",
"versionType": "semver"
},
{
"lessThan": "5.4.4",
"status": "affected",
"version": "5.4",
"versionType": "semver"
},
{
"lessThan": "5.3.4",
"status": "affected",
"version": "5.3",
"versionType": "semver"
},
{
"lessThan": "5.2.5",
"status": "affected",
"version": "5.2",
"versionType": "semver"
},
{
"lessThan": "5.1.4",
"status": "affected",
"version": "5.1",
"versionType": "semver"
},
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0",
"versionType": "semver"
},
{
"lessThan": "4.9.3",
"status": "affected",
"version": "4.9",
"versionType": "semver"
},
{
"lessThan": "4.8.5",
"status": "affected",
"version": "4.8",
"versionType": "semver"
},
{
"lessThan": "4.7.4",
"status": "affected",
"version": "4.7",
"versionType": "semver"
},
{
"lessThan": "4.6.3",
"status": "affected",
"version": "4.6",
"versionType": "semver"
},
{
"lessThan": "4.5.3",
"status": "affected",
"version": "4.5",
"versionType": "semver"
},
{
"lessThan": "4.4.5",
"status": "affected",
"version": "4.4",
"versionType": "semver"
},
{
"lessThan": "4.3.5",
"status": "affected",
"version": "4.3",
"versionType": "semver"
},
{
"lessThan": "4.2.5",
"status": "affected",
"version": "4.2",
"versionType": "semver"
},
{
"lessThan": "4.1.4",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.7",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-9926",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T18:35:48.550122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T19:53:07.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.9.1",
"status": "affected",
"version": "13.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8.2",
"status": "affected",
"version": "13.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.7.1",
"status": "affected",
"version": "13.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.6.1",
"status": "affected",
"version": "13.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.4.4",
"status": "affected",
"version": "13.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.3.2",
"status": "affected",
"version": "13.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.2.3",
"status": "affected",
"version": "13.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.1.4",
"status": "affected",
"version": "13.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.0.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.9.4",
"status": "affected",
"version": "12.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.8.2",
"status": "affected",
"version": "12.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.7.2",
"status": "affected",
"version": "12.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.6.3",
"status": "affected",
"version": "12.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.5.1",
"status": "affected",
"version": "12.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.4.1",
"status": "affected",
"version": "12.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.3.1",
"status": "affected",
"version": "12.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.2.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.1.2",
"status": "affected",
"version": "12.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.0.2",
"status": "affected",
"version": "12.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.9.3",
"status": "affected",
"version": "11.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.8.6",
"status": "affected",
"version": "11.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.7.3",
"status": "affected",
"version": "11.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.6.2",
"status": "affected",
"version": "11.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.5.3",
"status": "affected",
"version": "11.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.4.2",
"status": "affected",
"version": "11.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.3.4",
"status": "affected",
"version": "11.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.2.2",
"status": "affected",
"version": "11.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.9.3",
"status": "affected",
"version": "10.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.8.2",
"status": "affected",
"version": "10.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.7.2",
"status": "affected",
"version": "10.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.5.3",
"status": "affected",
"version": "10.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.4.2",
"status": "affected",
"version": "10.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.3.2",
"status": "affected",
"version": "10.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.2.3",
"status": "affected",
"version": "10.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.1.2",
"status": "affected",
"version": "10.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.9.3",
"status": "affected",
"version": "9.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.8.3",
"status": "affected",
"version": "9.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.7.3",
"status": "affected",
"version": "9.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.6.4",
"status": "affected",
"version": "9.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.5.5",
"status": "affected",
"version": "9.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.4.4",
"status": "affected",
"version": "9.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.3.5",
"status": "affected",
"version": "9.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.2.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.1.3",
"status": "affected",
"version": "9.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.0.5",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.9.4",
"status": "affected",
"version": "8.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.8.5",
"status": "affected",
"version": "8.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.7.4",
"status": "affected",
"version": "8.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.5.3",
"status": "affected",
"version": "8.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.4.5",
"status": "affected",
"version": "8.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.2.6",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.1.4",
"status": "affected",
"version": "8.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.0.3",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.9.4",
"status": "affected",
"version": "7.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.8.4",
"status": "affected",
"version": "7.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.7.6",
"status": "affected",
"version": "7.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.4",
"status": "affected",
"version": "7.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.5.7",
"status": "affected",
"version": "7.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.4.5",
"status": "affected",
"version": "7.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.3.5",
"status": "affected",
"version": "7.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.2.5",
"status": "affected",
"version": "7.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.1.5",
"status": "affected",
"version": "7.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.9.4",
"status": "affected",
"version": "6.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.8.5",
"status": "affected",
"version": "6.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.7.4",
"status": "affected",
"version": "6.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.6.5",
"status": "affected",
"version": "6.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.5.4",
"status": "affected",
"version": "6.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.3.7",
"status": "affected",
"version": "6.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.9.4",
"status": "affected",
"version": "5.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.8.4",
"status": "affected",
"version": "5.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.7.5",
"status": "affected",
"version": "5.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.6.5",
"status": "affected",
"version": "5.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.5.5",
"status": "affected",
"version": "5.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.4.4",
"status": "affected",
"version": "5.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.3.4",
"status": "affected",
"version": "5.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.2.5",
"status": "affected",
"version": "5.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.1.4",
"status": "affected",
"version": "5.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.9.3",
"status": "affected",
"version": "4.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.8.5",
"status": "affected",
"version": "4.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.7.4",
"status": "affected",
"version": "4.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.6.3",
"status": "affected",
"version": "4.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.5.3",
"status": "affected",
"version": "4.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.4.5",
"status": "affected",
"version": "4.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.3.5",
"status": "affected",
"version": "4.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.2.5",
"status": "affected",
"version": "4.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.1.4",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.0.7",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:02:38.050Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/669382af-f836-4896-bdcb-5c6a57c99bd9/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.9.1 - Subscriber+ Arbitrary Feedback Access",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-9926",
"datePublished": "2024-11-07T15:02:38.050Z",
"dateReserved": "2024-10-14T09:27:37.145Z",
"dateUpdated": "2024-11-07T19:53:07.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2996 (GCVE-0-2023-2996)
Vulnerability from cvelistv5 – Published: 2023-06-27 13:17 – Updated: 2024-12-05 16:48
VLAI
Title
Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API
Summary
The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/52d221bd-ae42-43… | exploitvdb-entrytechnical-description |
| https://jetpack.com/blog/jetpack-12-1-1-critical-… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
1.9 , < 2.0.9
(custom)
Affected: 2.1 , < 2.1.7 (custom) Affected: 2.2 , < 2.2.10 (custom) Affected: 2.3 , < 2.3.10 (custom) Affected: 2.4 , < 2.4.7 (custom) Affected: 2.5 , < 2.5.5 (custom) Affected: 2.6 , < 2.6.6 (custom) Affected: 2.7 , < 2.7.5 (custom) Affected: 2.8 , < 2.8.5 (custom) Affected: 2.9 , < 2.9.6 (custom) Affected: 3.0 , < 3.0.6 (custom) Affected: 3.1 , < 3.1.5 (custom) Affected: 3.2 , < 3.2.5 (custom) Affected: 3.3 , < 3.3.6 (custom) Affected: 3.4 , < 3.4.6 (custom) Affected: 3.5 , < 3.5.6 (custom) Affected: 3.6 , < 3.6.4 (custom) Affected: 3.7 , < 3.7.5 (custom) Affected: 3.8 , < 3.8.5 (custom) Affected: 3.9 , < 3.9.9 (custom) Affected: 4.0 , < 4.0.6 (custom) Affected: 4.1 , < 4.1.3 (custom) Affected: 4.2 , < 4.2.4 (custom) Affected: 4.3 , < 4.3.4 (custom) Affected: 4.4 , < 4.4.4 (custom) Affected: 4.5 , < 4.5.2 (custom) Affected: 4.6 , < 4.6.2 (custom) Affected: 4.7 , < 4.7.3 (custom) Affected: 4.8 , < 4.8.4 (custom) Affected: 4.9 , < 4.9.2 (custom) Affected: 5.0 , < 5.0.2 (custom) Affected: 5.1 , < 5.1.3 (custom) Affected: 5.2 , < 5.2.4 (custom) Affected: 5.3 , < 5.3.3 (custom) Affected: 5.4 , < 5.4.3 (custom) Affected: 5.5 , < 5.5.4 (custom) Affected: 5.6 , < 5.6.4 (custom) Affected: 5.7 , < 5.7.4 (custom) Affected: 5.8 , < 5.8.3 (custom) Affected: 5.9 , < 5.9.3 (custom) Affected: 6.0 , < 6.0.3 (custom) Affected: 6.1 , < 6.1.4 (custom) Affected: 6.2 , < 6.2.4 (custom) Affected: 6.3 , < 6.3.6 (custom) Affected: 6.4 , < 6.4.5 (custom) Affected: 6.5 , < 6.5.3 (custom) Affected: 6.6 , < 6.6.4 (custom) Affected: 6.7 , < 6.7.3 (custom) Affected: 6.8 , < 6.8.4 (custom) Affected: 6.9 , < 6.9.3 (custom) Affected: 7.0 , < 7.0.4 (custom) Affected: 7.1 , < 7.1.4 (custom) Affected: 7.2 , < 7.2.4 (custom) Affected: 7.3 , < 7.3.4 (custom) Affected: 7.4 , < 7.4.4 (custom) Affected: 7.5 , < 7.5.6 (custom) Affected: 7.6 , < 7.6.3 (custom) Affected: 7.7 , < 7.7.5 (custom) Affected: 7.8 , < 7.8.3 (custom) Affected: 7.9 , < 7.9.3 (custom) Affected: 8.0 , < 8.0.2 (custom) Affected: 8.1 , < 8.1.3 (custom) Affected: 8.2 , < 8.2.5 (custom) Affected: 8.3 , < 8.3.2 (custom) Affected: 8.4 , < 8.4.4 (custom) Affected: 8.5 , < 8.5.2 (custom) Affected: 8.6 , < 8.6.3 (custom) Affected: 8.7 , < 8.7.3 (custom) Affected: 8.8 , < 8.8.4 (custom) Affected: 8.9 , < 8.9.3 (custom) Affected: 9.0 , < 9.0.4 (custom) Affected: 9.1 , < 9.1.2 (custom) Affected: 9.2 , < 9.2.3 (custom) Affected: 9.3 , < 9.3.4 (custom) Affected: 9.4 , < 9.4.3 (custom) Affected: 9.5 , < 9.5.4 (custom) Affected: 9.6 , < 9.6.3 (custom) Affected: 9.7 , < 9.7.2 (custom) Affected: 9.8 , < 9.8.2 (custom) Affected: 9.9 , < 9.9.2 (custom) Affected: 10.0 , < 10.0.1 (custom) Affected: 10.1 , < 10.1.1 (custom) Affected: 10.2 , < 10.2.2 (custom) Affected: 10.3 , < 10.3.1 (custom) Affected: 10.4 , < 10.4.1 (custom) Affected: 10.5 , < 10.5.2 (custom) Affected: 10.6 , < 10.6.2 (custom) Affected: 10.7 , < 10.7.1 (custom) Affected: 10.8 , < 10.8.1 (custom) Affected: 10.9 , < 10.9.2 (custom) Affected: 11.0 , < 11.0.1 (custom) Affected: 11.1 , < 11.1.3 (custom) Affected: 11.2 , < 11.2.1 (custom) Affected: 11.3 , < 11.3.3 (custom) Affected: 11.4 , < 11.4.1 (custom) Affected: 11.5 , < 11.5.2 (custom) Affected: 11.6 , < 11.6.1 (custom) Affected: 11.7 , < 11.7.2 (custom) Affected: 11.8 , < 11.8.5 (custom) Affected: 11.9 , < 11.9.2 (custom) Affected: 12.0 , < 12.0.1 (custom) Affected: 12.1 , < 12.1.1 (custom) |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:41:03.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T16:47:57.983039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T16:48:09.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.9",
"status": "affected",
"version": "1.9",
"versionType": "custom"
},
{
"lessThan": "2.1.7",
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"lessThan": "2.2.10",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "2.3.10",
"status": "affected",
"version": "2.3",
"versionType": "custom"
},
{
"lessThan": "2.4.7",
"status": "affected",
"version": "2.4",
"versionType": "custom"
},
{
"lessThan": "2.5.5",
"status": "affected",
"version": "2.5",
"versionType": "custom"
},
{
"lessThan": "2.6.6",
"status": "affected",
"version": "2.6",
"versionType": "custom"
},
{
"lessThan": "2.7.5",
"status": "affected",
"version": "2.7",
"versionType": "custom"
},
{
"lessThan": "2.8.5",
"status": "affected",
"version": "2.8",
"versionType": "custom"
},
{
"lessThan": "2.9.6",
"status": "affected",
"version": "2.9",
"versionType": "custom"
},
{
"lessThan": "3.0.6",
"status": "affected",
"version": "3.0",
"versionType": "custom"
},
{
"lessThan": "3.1.5",
"status": "affected",
"version": "3.1",
"versionType": "custom"
},
{
"lessThan": "3.2.5",
"status": "affected",
"version": "3.2",
"versionType": "custom"
},
{
"lessThan": "3.3.6",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.4.6",
"status": "affected",
"version": "3.4",
"versionType": "custom"
},
{
"lessThan": "3.5.6",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.6.4",
"status": "affected",
"version": "3.6",
"versionType": "custom"
},
{
"lessThan": "3.7.5",
"status": "affected",
"version": "3.7",
"versionType": "custom"
},
{
"lessThan": "3.8.5",
"status": "affected",
"version": "3.8",
"versionType": "custom"
},
{
"lessThan": "3.9.9",
"status": "affected",
"version": "3.9",
"versionType": "custom"
},
{
"lessThan": "4.0.6",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThan": "4.1.3",
"status": "affected",
"version": "4.1",
"versionType": "custom"
},
{
"lessThan": "4.2.4",
"status": "affected",
"version": "4.2",
"versionType": "custom"
},
{
"lessThan": "4.3.4",
"status": "affected",
"version": "4.3",
"versionType": "custom"
},
{
"lessThan": "4.4.4",
"status": "affected",
"version": "4.4",
"versionType": "custom"
},
{
"lessThan": "4.5.2",
"status": "affected",
"version": "4.5",
"versionType": "custom"
},
{
"lessThan": "4.6.2",
"status": "affected",
"version": "4.6",
"versionType": "custom"
},
{
"lessThan": "4.7.3",
"status": "affected",
"version": "4.7",
"versionType": "custom"
},
{
"lessThan": "4.8.4",
"status": "affected",
"version": "4.8",
"versionType": "custom"
},
{
"lessThan": "4.9.2",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "5.0.2",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "5.1.3",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"lessThan": "5.2.4",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"lessThan": "5.3.3",
"status": "affected",
"version": "5.3",
"versionType": "custom"
},
{
"lessThan": "5.4.3",
"status": "affected",
"version": "5.4",
"versionType": "custom"
},
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.5",
"versionType": "custom"
},
{
"lessThan": "5.6.4",
"status": "affected",
"version": "5.6",
"versionType": "custom"
},
{
"lessThan": "5.7.4",
"status": "affected",
"version": "5.7",
"versionType": "custom"
},
{
"lessThan": "5.8.3",
"status": "affected",
"version": "5.8",
"versionType": "custom"
},
{
"lessThan": "5.9.3",
"status": "affected",
"version": "5.9",
"versionType": "custom"
},
{
"lessThan": "6.0.3",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1",
"versionType": "custom"
},
{
"lessThan": "6.2.4",
"status": "affected",
"version": "6.2",
"versionType": "custom"
},
{
"lessThan": "6.3.6",
"status": "affected",
"version": "6.3",
"versionType": "custom"
},
{
"lessThan": "6.4.5",
"status": "affected",
"version": "6.4",
"versionType": "custom"
},
{
"lessThan": "6.5.3",
"status": "affected",
"version": "6.5",
"versionType": "custom"
},
{
"lessThan": "6.6.4",
"status": "affected",
"version": "6.6",
"versionType": "custom"
},
{
"lessThan": "6.7.3",
"status": "affected",
"version": "6.7",
"versionType": "custom"
},
{
"lessThan": "6.8.4",
"status": "affected",
"version": "6.8",
"versionType": "custom"
},
{
"lessThan": "6.9.3",
"status": "affected",
"version": "6.9",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "7.1.4",
"status": "affected",
"version": "7.1",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2",
"versionType": "custom"
},
{
"lessThan": "7.3.4",
"status": "affected",
"version": "7.3",
"versionType": "custom"
},
{
"lessThan": "7.4.4",
"status": "affected",
"version": "7.4",
"versionType": "custom"
},
{
"lessThan": "7.5.6",
"status": "affected",
"version": "7.5",
"versionType": "custom"
},
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6",
"versionType": "custom"
},
{
"lessThan": "7.7.5",
"status": "affected",
"version": "7.7",
"versionType": "custom"
},
{
"lessThan": "7.8.3",
"status": "affected",
"version": "7.8",
"versionType": "custom"
},
{
"lessThan": "7.9.3",
"status": "affected",
"version": "7.9",
"versionType": "custom"
},
{
"lessThan": "8.0.2",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1.3",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"lessThan": "8.2.5",
"status": "affected",
"version": "8.2",
"versionType": "custom"
},
{
"lessThan": "8.3.2",
"status": "affected",
"version": "8.3",
"versionType": "custom"
},
{
"lessThan": "8.4.4",
"status": "affected",
"version": "8.4",
"versionType": "custom"
},
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5",
"versionType": "custom"
},
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6",
"versionType": "custom"
},
{
"lessThan": "8.7.3",
"status": "affected",
"version": "8.7",
"versionType": "custom"
},
{
"lessThan": "8.8.4",
"status": "affected",
"version": "8.8",
"versionType": "custom"
},
{
"lessThan": "8.9.3",
"status": "affected",
"version": "8.9",
"versionType": "custom"
},
{
"lessThan": "9.0.4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThan": "9.1.2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "9.2.3",
"status": "affected",
"version": "9.2",
"versionType": "custom"
},
{
"lessThan": "9.3.4",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.4.3",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.5.4",
"status": "affected",
"version": "9.5",
"versionType": "custom"
},
{
"lessThan": "9.6.3",
"status": "affected",
"version": "9.6",
"versionType": "custom"
},
{
"lessThan": "9.7.2",
"status": "affected",
"version": "9.7",
"versionType": "custom"
},
{
"lessThan": "9.8.2",
"status": "affected",
"version": "9.8",
"versionType": "custom"
},
{
"lessThan": "9.9.2",
"status": "affected",
"version": "9.9",
"versionType": "custom"
},
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "10.2.2",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.3.1",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.4.1",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.5.2",
"status": "affected",
"version": "10.5",
"versionType": "custom"
},
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "custom"
},
{
"lessThan": "10.7.1",
"status": "affected",
"version": "10.7",
"versionType": "custom"
},
{
"lessThan": "10.8.1",
"status": "affected",
"version": "10.8",
"versionType": "custom"
},
{
"lessThan": "10.9.2",
"status": "affected",
"version": "10.9",
"versionType": "custom"
},
{
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "11.1.3",
"status": "affected",
"version": "11.1",
"versionType": "custom"
},
{
"lessThan": "11.2.1",
"status": "affected",
"version": "11.2",
"versionType": "custom"
},
{
"lessThan": "11.3.3",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThan": "11.4.1",
"status": "affected",
"version": "11.4",
"versionType": "custom"
},
{
"lessThan": "11.5.2",
"status": "affected",
"version": "11.5",
"versionType": "custom"
},
{
"lessThan": "11.6.1",
"status": "affected",
"version": "11.6",
"versionType": "custom"
},
{
"lessThan": "11.7.2",
"status": "affected",
"version": "11.7",
"versionType": "custom"
},
{
"lessThan": "11.8.5",
"status": "affected",
"version": "11.8",
"versionType": "custom"
},
{
"lessThan": "11.9.2",
"status": "affected",
"version": "11.9",
"versionType": "custom"
},
{
"lessThan": "12.0.1",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "12.1.1",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Miguel Neto"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T13:17:07.479Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 12.1.1 - Author+ Arbitrary File Manipulation via API",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-2996",
"datePublished": "2023-06-27T13:17:07.479Z",
"dateReserved": "2023-05-30T19:10:08.911Z",
"dateUpdated": "2024-12-05T16:48:09.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10076 (GCVE-0-2024-10076)
Vulnerability from nvd – Published: 2025-05-15 20:06 – Updated: 2025-05-20 16:03
VLAI
Title
Jetpack < 13.8, Boost < 3.4.8 - Contributor+ Stored XSS
Summary
The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn’t, ultimately making it possible for contributor and above users to perform Stored XSS attacks
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/15f278f6-0418-4c… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
0 , < 13.8
(semver)
|
|
| Unknown | Jetpack Boost |
Affected:
0 , < 3.4.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10076",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T15:47:11.845919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:03:22.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/15f278f6-0418-4c83-b925-b1a2d8c53e2f/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack Boost",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.4.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn\u2019t, ultimately making it possible for contributor and above users to perform Stored XSS attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:06:40.424Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/15f278f6-0418-4c83-b925-b1a2d8c53e2f/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.8, Boost \u003c 3.4.8 - Contributor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10076",
"datePublished": "2025-05-15T20:06:40.424Z",
"dateReserved": "2024-10-17T09:02:05.021Z",
"dateUpdated": "2025-05-20T16:03:22.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10075 (GCVE-0-2024-10075)
Vulnerability from nvd – Published: 2025-05-15 20:06 – Updated: 2025-05-20 16:10
VLAI
Title
Jetpack < 13.8 - Unauthenticated Arbitrary Block & Shortcode Execution
Summary
The Jetpack WordPress plugin before 13.8 does not ensure that the post created by the Contact Form is only accessible to authorised users, which could allow unauthenticated users to run arbitrary shortcodes and block.
Severity
5.6 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/a984976c-291a-4f… | exploitvdb-entrytechnical-description |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10075",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:08:22.976995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:10:57.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/a984976c-291a-4f68-90d4-e452605ea7d1/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 13.8 does not ensure that the post created by the Contact Form is only accessible to authorised users, which could allow unauthenticated users to run arbitrary shortcodes and block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:06:40.225Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/a984976c-291a-4f68-90d4-e452605ea7d1/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.8 - Unauthenticated Arbitrary Block \u0026 Shortcode Execution",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10075",
"datePublished": "2025-05-15T20:06:40.225Z",
"dateReserved": "2024-10-17T08:50:53.381Z",
"dateUpdated": "2025-05-20T16:10:57.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10858 (GCVE-0-2024-10858)
Vulnerability from nvd – Published: 2024-12-25 06:00 – Updated: 2024-12-26 19:53
VLAI
Title
Jetpack 13.0-14.0 - Unauthenticated DOM-XSS
Summary
The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com.
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/7fecba37-d718-4d… | exploitvdb-entrytechnical-description |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10858",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T19:52:57.866186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T19:53:41.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "14.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eldar (hakupiku)"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 14.1 does not properly checks the postmessage origin in its 13.x versions, allowing it to be bypassed and leading to DOM-XSS. The issue only affects websites hosted on WordPress.com."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-25T06:00:02.663Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7fecba37-d718-4dd4-89f3-285fb36a4165/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack 13.0-14.0 - Unauthenticated DOM-XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-10858",
"datePublished": "2024-12-25T06:00:02.663Z",
"dateReserved": "2024-11-05T13:26:58.545Z",
"dateUpdated": "2024-12-26T19:53:41.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9926 (GCVE-0-2024-9926)
Vulnerability from nvd – Published: 2024-11-07 15:02 – Updated: 2024-11-07 19:53
VLAI
Title
Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access
Summary
The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/669382af-f836-48… | exploitvdb-entrytechnical-description |
Impacted products
102 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
13.9 , < 13.9.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.8 , < 13.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.7 , < 13.7.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.6 , < 13.6.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.5 , < 13.5.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.4 , < 13.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.3 , < 13.3.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.2 , < 13.2.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.1 , < 13.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
13.0 , < 13.0.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.9 , < 12.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.8 , < 12.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.7 , < 12.7.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.6 , < 12.6.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.5 , < 12.5.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.4 , < 12.4.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.3 , < 12.3.1
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.2 , < 12.2.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.1 , < 12.1.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
12.0 , < 12.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.9 , < 11.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.8 , < 11.8.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.7 , < 11.7.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.6 , < 11.6.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.5 , < 11.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.4 , < 11.4.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.3 , < 11.3.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.2 , < 11.2.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.1 , < 11.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
11.0 , < 11.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.9 , < 10.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.8 , < 10.8.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.7 , < 10.7.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.6 , < 10.6.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.5 , < 10.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.4 , < 10.4.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.3 , < 10.3.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.2 , < 10.2.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.1 , < 10.1.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
10.0 , < 10.0.2
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.9 , < 9.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.8 , < 9.8.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.7 , < 9.7.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.6 , < 9.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.5 , < 9.5.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.4 , < 9.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.3 , < 9.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.2 , < 9.2.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.1 , < 9.1.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
9.0 , < 9.0.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.9 , < 8.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.8 , < 8.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.7 , < 8.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.6 , < 8.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.5 , < 8.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.4 , < 8.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.3 , < 8.3.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.2 , < 8.2.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.1 , < 8.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
8.0 , < 8.0.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.9 , < 7.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.8 , < 7.8.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.7 , < 7.7.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.6 , < 7.6.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.5 , < 7.5.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.4 , < 7.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.3 , < 7.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.2 , < 7.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.1 , < 7.1.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
7.0 , < 7.0.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.9 , < 6.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.8 , < 6.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.7 , < 6.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.6 , < 6.6.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.5 , < 6.5.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.4 , < 6.4.6
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.3 , < 6.3.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.2 , < 6.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.1 , < 6.1.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
6.0 , < 6.0.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.9 , < 5.9.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.8 , < 5.8.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.7 , < 5.7.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.6 , < 5.6.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.5 , < 5.5.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.4 , < 5.4.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.3 , < 5.3.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.2 , < 5.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.1 , < 5.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
5.0 , < 5.0.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.9 , < 4.9.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.8 , < 4.8.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.7 , < 4.7.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.6 , < 4.6.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.5 , < 4.5.3
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.4 , < 4.4.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.3 , < 4.3.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.2 , < 4.2.5
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.1.0 , < 4.1.4
(semver)
|
|
| Unknown | Jetpack |
Affected:
4.0.0 , < 4.0.7
(semver)
|
|
| Unknown | Jetpack |
Affected:
3.9.2 , < 3.9.10
(semver)
|
|
| automattic | jetpack |
Affected:
13.9 , < 13.9.1
(semver)
Affected: 13.8 , < 13.8.2 (semver) Affected: 13.7 , < 13.7.1 (semver) Affected: 13.6 , < 13.6.1 (semver) Affected: 13.5 , < 13.5.1 (semver) Affected: 13.4 , < 13.4.4 (semver) Affected: 13.3 , < 13.3.2 (semver) Affected: 13.2 , < 13.2.3 (semver) Affected: 13.1 , < 13.1.4 (semver) Affected: 13.0 , < 13.0.1 (semver) Affected: 12.9 , < 12.9.4 (semver) Affected: 12.8 , < 12.8.2 (semver) Affected: 12.7 , < 12.7.2 (semver) Affected: 12.6 , < 12.6.3 (semver) Affected: 12.5 , < 12.5.1 (semver) Affected: 12.4 , < 12.4.1 (semver) Affected: 12.3 , < 12.3.1 (semver) Affected: 12.2 , < 12.2.2 (semver) Affected: 12.1 , < 12.1.2 (semver) Affected: 12.0 , < 12.0.2 (semver) Affected: 11.9 , < 11.9.3 (semver) Affected: 11.8 , < 11.8.6 (semver) Affected: 11.7 , < 11.7.3 (semver) Affected: 11.6 , < 11.6.2 (semver) Affected: 11.5 , < 11.5.3 (semver) Affected: 11.4 , < 11.4.2 (semver) Affected: 11.3 , < 11.3.4 (semver) Affected: 11.2 , < 11.2.2 (semver) Affected: 11.1 , < 11.1.4 (semver) Affected: 11.0 , < 11.0.2 (semver) Affected: 10.9 , < 10.9.3 (semver) Affected: 10.8 , < 10.8.2 (semver) Affected: 10.7 , < 10.7.2 (semver) Affected: 10.6 , < 10.6.2 (semver) Affected: 10.5 , < 10.5.3 (semver) Affected: 10.4 , < 10.4.2 (semver) Affected: 10.3 , < 10.3.2 (semver) Affected: 10.2 , < 10.2.3 (semver) Affected: 10.1 , < 10.1.2 (semver) Affected: 10.0 , < 10.0.2 (semver) Affected: 9.9 , < 9.9.3 (semver) Affected: 9.8 , < 9.8.3 (semver) Affected: 9.7 , < 9.7.3 (semver) Affected: 9.6 , < 9.6.4 (semver) Affected: 9.5 , < 9.5.5 (semver) Affected: 9.4 , ≤ 9.4.4 (semver) Affected: 9.3 , < 9.3.5 (semver) Affected: 9.2 , < 9.2.4 (semver) Affected: 9.1 , < 9.1.3 (semver) Affected: 9.0 , < 9.0.5 (semver) Affected: 8.9 , < 8.9.4 (semver) Affected: 8.8 , < 8.8.5 (semver) Affected: 8.7 , < 8.7.4 (semver) Affected: 8.6 , < 8.6.4 (semver) Affected: 8.5 , < 8.5.3 (semver) Affected: 8.4 , < 8.4.5 (semver) Affected: 8.3 , < 8.3.3 (semver) Affected: 8.2 , < 8.2.6 (semver) Affected: 8.1 , < 8.1.4 (semver) Affected: 8.0 , < 8.0.3 (semver) Affected: 7.9 , < 7.9.4 (semver) Affected: 7.8 , < 7.8.4 (semver) Affected: 7.7 , < 7.7.6 (semver) Affected: 7.6 , < 7.6.4 (semver) Affected: 7.5 , < 7.5.7 (semver) Affected: 7.4 , < 7.4.5 (semver) Affected: 7.3 , < 7.3.5 (semver) Affected: 7.2 , < 7.2.5 (semver) Affected: 7.1 , < 7.1.5 (semver) Affected: 7.0 , < 7.0.5 (semver) Affected: 6.9 , < 6.9.4 (semver) Affected: 6.8 , < 6.8.5 (semver) Affected: 6.7 , < 6.7.4 (semver) Affected: 6.6 , < 6.6.5 (semver) Affected: 6.5 , < 6.5.4 (semver) Affected: 6.4 , < 6.4.6 (semver) Affected: 6.3 , < 6.3.7 (semver) Affected: 6.2 , < 6.2.5 (semver) Affected: 6.1 , < 6.1.5 (semver) Affected: 6.0 , < 6.0.4 (semver) Affected: 5.9 , < 5.9.4 (semver) Affected: 5.8 , < 5.8.4 (semver) Affected: 5.7 , < 5.7.5 (semver) Affected: 5.6 , < 5.6.5 (semver) Affected: 5.5 , < 5.5.5 (semver) Affected: 5.4 , < 5.4.4 (semver) Affected: 5.3 , < 5.3.4 (semver) Affected: 5.2 , < 5.2.5 (semver) Affected: 5.1 , < 5.1.4 (semver) Affected: 5.0 , < 5.0.3 (semver) Affected: 4.9 , < 4.9.3 (semver) Affected: 4.8 , < 4.8.5 (semver) Affected: 4.7 , < 4.7.4 (semver) Affected: 4.6 , < 4.6.3 (semver) Affected: 4.5 , < 4.5.3 (semver) Affected: 4.4 , < 4.4.5 (semver) Affected: 4.3 , < 4.3.5 (semver) Affected: 4.2 , < 4.2.5 (semver) Affected: 4.1.0 , < 4.1.4 (semver) Affected: 4.0.0 , < 4.0.7 (semver) Affected: 3.9.2 , < 3.9.10 (semver) cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "jetpack",
"vendor": "automattic",
"versions": [
{
"lessThan": "13.9.1",
"status": "affected",
"version": "13.9",
"versionType": "semver"
},
{
"lessThan": "13.8.2",
"status": "affected",
"version": "13.8",
"versionType": "semver"
},
{
"lessThan": "13.7.1",
"status": "affected",
"version": "13.7",
"versionType": "semver"
},
{
"lessThan": "13.6.1",
"status": "affected",
"version": "13.6",
"versionType": "semver"
},
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.5",
"versionType": "semver"
},
{
"lessThan": "13.4.4",
"status": "affected",
"version": "13.4",
"versionType": "semver"
},
{
"lessThan": "13.3.2",
"status": "affected",
"version": "13.3",
"versionType": "semver"
},
{
"lessThan": "13.2.3",
"status": "affected",
"version": "13.2",
"versionType": "semver"
},
{
"lessThan": "13.1.4",
"status": "affected",
"version": "13.1",
"versionType": "semver"
},
{
"lessThan": "13.0.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
},
{
"lessThan": "12.9.4",
"status": "affected",
"version": "12.9",
"versionType": "semver"
},
{
"lessThan": "12.8.2",
"status": "affected",
"version": "12.8",
"versionType": "semver"
},
{
"lessThan": "12.7.2",
"status": "affected",
"version": "12.7",
"versionType": "semver"
},
{
"lessThan": "12.6.3",
"status": "affected",
"version": "12.6",
"versionType": "semver"
},
{
"lessThan": "12.5.1",
"status": "affected",
"version": "12.5",
"versionType": "semver"
},
{
"lessThan": "12.4.1",
"status": "affected",
"version": "12.4",
"versionType": "semver"
},
{
"lessThan": "12.3.1",
"status": "affected",
"version": "12.3",
"versionType": "semver"
},
{
"lessThan": "12.2.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
},
{
"lessThan": "12.1.2",
"status": "affected",
"version": "12.1",
"versionType": "semver"
},
{
"lessThan": "12.0.2",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "11.9.3",
"status": "affected",
"version": "11.9",
"versionType": "semver"
},
{
"lessThan": "11.8.6",
"status": "affected",
"version": "11.8",
"versionType": "semver"
},
{
"lessThan": "11.7.3",
"status": "affected",
"version": "11.7",
"versionType": "semver"
},
{
"lessThan": "11.6.2",
"status": "affected",
"version": "11.6",
"versionType": "semver"
},
{
"lessThan": "11.5.3",
"status": "affected",
"version": "11.5",
"versionType": "semver"
},
{
"lessThan": "11.4.2",
"status": "affected",
"version": "11.4",
"versionType": "semver"
},
{
"lessThan": "11.3.4",
"status": "affected",
"version": "11.3",
"versionType": "semver"
},
{
"lessThan": "11.2.2",
"status": "affected",
"version": "11.2",
"versionType": "semver"
},
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1",
"versionType": "semver"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
},
{
"lessThan": "10.9.3",
"status": "affected",
"version": "10.9",
"versionType": "semver"
},
{
"lessThan": "10.8.2",
"status": "affected",
"version": "10.8",
"versionType": "semver"
},
{
"lessThan": "10.7.2",
"status": "affected",
"version": "10.7",
"versionType": "semver"
},
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "semver"
},
{
"lessThan": "10.5.3",
"status": "affected",
"version": "10.5",
"versionType": "semver"
},
{
"lessThan": "10.4.2",
"status": "affected",
"version": "10.4",
"versionType": "semver"
},
{
"lessThan": "10.3.2",
"status": "affected",
"version": "10.3",
"versionType": "semver"
},
{
"lessThan": "10.2.3",
"status": "affected",
"version": "10.2",
"versionType": "semver"
},
{
"lessThan": "10.1.2",
"status": "affected",
"version": "10.1",
"versionType": "semver"
},
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "9.9.3",
"status": "affected",
"version": "9.9",
"versionType": "semver"
},
{
"lessThan": "9.8.3",
"status": "affected",
"version": "9.8",
"versionType": "semver"
},
{
"lessThan": "9.7.3",
"status": "affected",
"version": "9.7",
"versionType": "semver"
},
{
"lessThan": "9.6.4",
"status": "affected",
"version": "9.6",
"versionType": "semver"
},
{
"lessThan": "9.5.5",
"status": "affected",
"version": "9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.4.4",
"status": "affected",
"version": "9.4",
"versionType": "semver"
},
{
"lessThan": "9.3.5",
"status": "affected",
"version": "9.3",
"versionType": "semver"
},
{
"lessThan": "9.2.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
},
{
"lessThan": "9.1.3",
"status": "affected",
"version": "9.1",
"versionType": "semver"
},
{
"lessThan": "9.0.5",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThan": "8.9.4",
"status": "affected",
"version": "8.9",
"versionType": "semver"
},
{
"lessThan": "8.8.5",
"status": "affected",
"version": "8.8",
"versionType": "semver"
},
{
"lessThan": "8.7.4",
"status": "affected",
"version": "8.7",
"versionType": "semver"
},
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6",
"versionType": "semver"
},
{
"lessThan": "8.5.3",
"status": "affected",
"version": "8.5",
"versionType": "semver"
},
{
"lessThan": "8.4.5",
"status": "affected",
"version": "8.4",
"versionType": "semver"
},
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.3",
"versionType": "semver"
},
{
"lessThan": "8.2.6",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.1.4",
"status": "affected",
"version": "8.1",
"versionType": "semver"
},
{
"lessThan": "8.0.3",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.9.4",
"status": "affected",
"version": "7.9",
"versionType": "semver"
},
{
"lessThan": "7.8.4",
"status": "affected",
"version": "7.8",
"versionType": "semver"
},
{
"lessThan": "7.7.6",
"status": "affected",
"version": "7.7",
"versionType": "semver"
},
{
"lessThan": "7.6.4",
"status": "affected",
"version": "7.6",
"versionType": "semver"
},
{
"lessThan": "7.5.7",
"status": "affected",
"version": "7.5",
"versionType": "semver"
},
{
"lessThan": "7.4.5",
"status": "affected",
"version": "7.4",
"versionType": "semver"
},
{
"lessThan": "7.3.5",
"status": "affected",
"version": "7.3",
"versionType": "semver"
},
{
"lessThan": "7.2.5",
"status": "affected",
"version": "7.2",
"versionType": "semver"
},
{
"lessThan": "7.1.5",
"status": "affected",
"version": "7.1",
"versionType": "semver"
},
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "6.9.4",
"status": "affected",
"version": "6.9",
"versionType": "semver"
},
{
"lessThan": "6.8.5",
"status": "affected",
"version": "6.8",
"versionType": "semver"
},
{
"lessThan": "6.7.4",
"status": "affected",
"version": "6.7",
"versionType": "semver"
},
{
"lessThan": "6.6.5",
"status": "affected",
"version": "6.6",
"versionType": "semver"
},
{
"lessThan": "6.5.4",
"status": "affected",
"version": "6.5",
"versionType": "semver"
},
{
"lessThan": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "semver"
},
{
"lessThan": "6.3.7",
"status": "affected",
"version": "6.3",
"versionType": "semver"
},
{
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2",
"versionType": "semver"
},
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1",
"versionType": "semver"
},
{
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0",
"versionType": "semver"
},
{
"lessThan": "5.9.4",
"status": "affected",
"version": "5.9",
"versionType": "semver"
},
{
"lessThan": "5.8.4",
"status": "affected",
"version": "5.8",
"versionType": "semver"
},
{
"lessThan": "5.7.5",
"status": "affected",
"version": "5.7",
"versionType": "semver"
},
{
"lessThan": "5.6.5",
"status": "affected",
"version": "5.6",
"versionType": "semver"
},
{
"lessThan": "5.5.5",
"status": "affected",
"version": "5.5",
"versionType": "semver"
},
{
"lessThan": "5.4.4",
"status": "affected",
"version": "5.4",
"versionType": "semver"
},
{
"lessThan": "5.3.4",
"status": "affected",
"version": "5.3",
"versionType": "semver"
},
{
"lessThan": "5.2.5",
"status": "affected",
"version": "5.2",
"versionType": "semver"
},
{
"lessThan": "5.1.4",
"status": "affected",
"version": "5.1",
"versionType": "semver"
},
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0",
"versionType": "semver"
},
{
"lessThan": "4.9.3",
"status": "affected",
"version": "4.9",
"versionType": "semver"
},
{
"lessThan": "4.8.5",
"status": "affected",
"version": "4.8",
"versionType": "semver"
},
{
"lessThan": "4.7.4",
"status": "affected",
"version": "4.7",
"versionType": "semver"
},
{
"lessThan": "4.6.3",
"status": "affected",
"version": "4.6",
"versionType": "semver"
},
{
"lessThan": "4.5.3",
"status": "affected",
"version": "4.5",
"versionType": "semver"
},
{
"lessThan": "4.4.5",
"status": "affected",
"version": "4.4",
"versionType": "semver"
},
{
"lessThan": "4.3.5",
"status": "affected",
"version": "4.3",
"versionType": "semver"
},
{
"lessThan": "4.2.5",
"status": "affected",
"version": "4.2",
"versionType": "semver"
},
{
"lessThan": "4.1.4",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.7",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-9926",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T18:35:48.550122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T19:53:07.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.9.1",
"status": "affected",
"version": "13.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.8.2",
"status": "affected",
"version": "13.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.7.1",
"status": "affected",
"version": "13.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.6.1",
"status": "affected",
"version": "13.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.4.4",
"status": "affected",
"version": "13.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.3.2",
"status": "affected",
"version": "13.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.2.3",
"status": "affected",
"version": "13.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.1.4",
"status": "affected",
"version": "13.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "13.0.1",
"status": "affected",
"version": "13.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.9.4",
"status": "affected",
"version": "12.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.8.2",
"status": "affected",
"version": "12.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.7.2",
"status": "affected",
"version": "12.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.6.3",
"status": "affected",
"version": "12.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.5.1",
"status": "affected",
"version": "12.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.4.1",
"status": "affected",
"version": "12.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.3.1",
"status": "affected",
"version": "12.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.2.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.1.2",
"status": "affected",
"version": "12.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "12.0.2",
"status": "affected",
"version": "12.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.9.3",
"status": "affected",
"version": "11.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.8.6",
"status": "affected",
"version": "11.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.7.3",
"status": "affected",
"version": "11.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.6.2",
"status": "affected",
"version": "11.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.5.3",
"status": "affected",
"version": "11.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.4.2",
"status": "affected",
"version": "11.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.3.4",
"status": "affected",
"version": "11.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.2.2",
"status": "affected",
"version": "11.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.9.3",
"status": "affected",
"version": "10.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.8.2",
"status": "affected",
"version": "10.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.7.2",
"status": "affected",
"version": "10.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.5.3",
"status": "affected",
"version": "10.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.4.2",
"status": "affected",
"version": "10.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.3.2",
"status": "affected",
"version": "10.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.2.3",
"status": "affected",
"version": "10.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.1.2",
"status": "affected",
"version": "10.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.9.3",
"status": "affected",
"version": "9.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.8.3",
"status": "affected",
"version": "9.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.7.3",
"status": "affected",
"version": "9.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.6.4",
"status": "affected",
"version": "9.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.5.5",
"status": "affected",
"version": "9.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.4.4",
"status": "affected",
"version": "9.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.3.5",
"status": "affected",
"version": "9.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.2.4",
"status": "affected",
"version": "9.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.1.3",
"status": "affected",
"version": "9.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.0.5",
"status": "affected",
"version": "9.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.9.4",
"status": "affected",
"version": "8.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.8.5",
"status": "affected",
"version": "8.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.7.4",
"status": "affected",
"version": "8.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.5.3",
"status": "affected",
"version": "8.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.4.5",
"status": "affected",
"version": "8.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.2.6",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.1.4",
"status": "affected",
"version": "8.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "8.0.3",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.9.4",
"status": "affected",
"version": "7.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.8.4",
"status": "affected",
"version": "7.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.7.6",
"status": "affected",
"version": "7.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.4",
"status": "affected",
"version": "7.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.5.7",
"status": "affected",
"version": "7.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.4.5",
"status": "affected",
"version": "7.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.3.5",
"status": "affected",
"version": "7.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.2.5",
"status": "affected",
"version": "7.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.1.5",
"status": "affected",
"version": "7.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.9.4",
"status": "affected",
"version": "6.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.8.5",
"status": "affected",
"version": "6.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.7.4",
"status": "affected",
"version": "6.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.6.5",
"status": "affected",
"version": "6.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.5.4",
"status": "affected",
"version": "6.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.3.7",
"status": "affected",
"version": "6.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.9.4",
"status": "affected",
"version": "5.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.8.4",
"status": "affected",
"version": "5.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.7.5",
"status": "affected",
"version": "5.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.6.5",
"status": "affected",
"version": "5.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.5.5",
"status": "affected",
"version": "5.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.4.4",
"status": "affected",
"version": "5.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.3.4",
"status": "affected",
"version": "5.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.2.5",
"status": "affected",
"version": "5.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.1.4",
"status": "affected",
"version": "5.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.0.3",
"status": "affected",
"version": "5.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.9.3",
"status": "affected",
"version": "4.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.8.5",
"status": "affected",
"version": "4.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.7.4",
"status": "affected",
"version": "4.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.6.3",
"status": "affected",
"version": "4.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.5.3",
"status": "affected",
"version": "4.5",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.4.5",
"status": "affected",
"version": "4.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.3.5",
"status": "affected",
"version": "4.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.2.5",
"status": "affected",
"version": "4.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.1.4",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.0.7",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:02:38.050Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/669382af-f836-4896-bdcb-5c6a57c99bd9/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 13.9.1 - Subscriber+ Arbitrary Feedback Access",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-9926",
"datePublished": "2024-11-07T15:02:38.050Z",
"dateReserved": "2024-10-14T09:27:37.145Z",
"dateUpdated": "2024-11-07T19:53:07.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2996 (GCVE-0-2023-2996)
Vulnerability from nvd – Published: 2023-06-27 13:17 – Updated: 2024-12-05 16:48
VLAI
Title
Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API
Summary
The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/52d221bd-ae42-43… | exploitvdb-entrytechnical-description |
| https://jetpack.com/blog/jetpack-12-1-1-critical-… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Jetpack |
Affected:
1.9 , < 2.0.9
(custom)
Affected: 2.1 , < 2.1.7 (custom) Affected: 2.2 , < 2.2.10 (custom) Affected: 2.3 , < 2.3.10 (custom) Affected: 2.4 , < 2.4.7 (custom) Affected: 2.5 , < 2.5.5 (custom) Affected: 2.6 , < 2.6.6 (custom) Affected: 2.7 , < 2.7.5 (custom) Affected: 2.8 , < 2.8.5 (custom) Affected: 2.9 , < 2.9.6 (custom) Affected: 3.0 , < 3.0.6 (custom) Affected: 3.1 , < 3.1.5 (custom) Affected: 3.2 , < 3.2.5 (custom) Affected: 3.3 , < 3.3.6 (custom) Affected: 3.4 , < 3.4.6 (custom) Affected: 3.5 , < 3.5.6 (custom) Affected: 3.6 , < 3.6.4 (custom) Affected: 3.7 , < 3.7.5 (custom) Affected: 3.8 , < 3.8.5 (custom) Affected: 3.9 , < 3.9.9 (custom) Affected: 4.0 , < 4.0.6 (custom) Affected: 4.1 , < 4.1.3 (custom) Affected: 4.2 , < 4.2.4 (custom) Affected: 4.3 , < 4.3.4 (custom) Affected: 4.4 , < 4.4.4 (custom) Affected: 4.5 , < 4.5.2 (custom) Affected: 4.6 , < 4.6.2 (custom) Affected: 4.7 , < 4.7.3 (custom) Affected: 4.8 , < 4.8.4 (custom) Affected: 4.9 , < 4.9.2 (custom) Affected: 5.0 , < 5.0.2 (custom) Affected: 5.1 , < 5.1.3 (custom) Affected: 5.2 , < 5.2.4 (custom) Affected: 5.3 , < 5.3.3 (custom) Affected: 5.4 , < 5.4.3 (custom) Affected: 5.5 , < 5.5.4 (custom) Affected: 5.6 , < 5.6.4 (custom) Affected: 5.7 , < 5.7.4 (custom) Affected: 5.8 , < 5.8.3 (custom) Affected: 5.9 , < 5.9.3 (custom) Affected: 6.0 , < 6.0.3 (custom) Affected: 6.1 , < 6.1.4 (custom) Affected: 6.2 , < 6.2.4 (custom) Affected: 6.3 , < 6.3.6 (custom) Affected: 6.4 , < 6.4.5 (custom) Affected: 6.5 , < 6.5.3 (custom) Affected: 6.6 , < 6.6.4 (custom) Affected: 6.7 , < 6.7.3 (custom) Affected: 6.8 , < 6.8.4 (custom) Affected: 6.9 , < 6.9.3 (custom) Affected: 7.0 , < 7.0.4 (custom) Affected: 7.1 , < 7.1.4 (custom) Affected: 7.2 , < 7.2.4 (custom) Affected: 7.3 , < 7.3.4 (custom) Affected: 7.4 , < 7.4.4 (custom) Affected: 7.5 , < 7.5.6 (custom) Affected: 7.6 , < 7.6.3 (custom) Affected: 7.7 , < 7.7.5 (custom) Affected: 7.8 , < 7.8.3 (custom) Affected: 7.9 , < 7.9.3 (custom) Affected: 8.0 , < 8.0.2 (custom) Affected: 8.1 , < 8.1.3 (custom) Affected: 8.2 , < 8.2.5 (custom) Affected: 8.3 , < 8.3.2 (custom) Affected: 8.4 , < 8.4.4 (custom) Affected: 8.5 , < 8.5.2 (custom) Affected: 8.6 , < 8.6.3 (custom) Affected: 8.7 , < 8.7.3 (custom) Affected: 8.8 , < 8.8.4 (custom) Affected: 8.9 , < 8.9.3 (custom) Affected: 9.0 , < 9.0.4 (custom) Affected: 9.1 , < 9.1.2 (custom) Affected: 9.2 , < 9.2.3 (custom) Affected: 9.3 , < 9.3.4 (custom) Affected: 9.4 , < 9.4.3 (custom) Affected: 9.5 , < 9.5.4 (custom) Affected: 9.6 , < 9.6.3 (custom) Affected: 9.7 , < 9.7.2 (custom) Affected: 9.8 , < 9.8.2 (custom) Affected: 9.9 , < 9.9.2 (custom) Affected: 10.0 , < 10.0.1 (custom) Affected: 10.1 , < 10.1.1 (custom) Affected: 10.2 , < 10.2.2 (custom) Affected: 10.3 , < 10.3.1 (custom) Affected: 10.4 , < 10.4.1 (custom) Affected: 10.5 , < 10.5.2 (custom) Affected: 10.6 , < 10.6.2 (custom) Affected: 10.7 , < 10.7.1 (custom) Affected: 10.8 , < 10.8.1 (custom) Affected: 10.9 , < 10.9.2 (custom) Affected: 11.0 , < 11.0.1 (custom) Affected: 11.1 , < 11.1.3 (custom) Affected: 11.2 , < 11.2.1 (custom) Affected: 11.3 , < 11.3.3 (custom) Affected: 11.4 , < 11.4.1 (custom) Affected: 11.5 , < 11.5.2 (custom) Affected: 11.6 , < 11.6.1 (custom) Affected: 11.7 , < 11.7.2 (custom) Affected: 11.8 , < 11.8.5 (custom) Affected: 11.9 , < 11.9.2 (custom) Affected: 12.0 , < 12.0.1 (custom) Affected: 12.1 , < 12.1.1 (custom) |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:41:03.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T16:47:57.983039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T16:48:09.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Jetpack",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.9",
"status": "affected",
"version": "1.9",
"versionType": "custom"
},
{
"lessThan": "2.1.7",
"status": "affected",
"version": "2.1",
"versionType": "custom"
},
{
"lessThan": "2.2.10",
"status": "affected",
"version": "2.2",
"versionType": "custom"
},
{
"lessThan": "2.3.10",
"status": "affected",
"version": "2.3",
"versionType": "custom"
},
{
"lessThan": "2.4.7",
"status": "affected",
"version": "2.4",
"versionType": "custom"
},
{
"lessThan": "2.5.5",
"status": "affected",
"version": "2.5",
"versionType": "custom"
},
{
"lessThan": "2.6.6",
"status": "affected",
"version": "2.6",
"versionType": "custom"
},
{
"lessThan": "2.7.5",
"status": "affected",
"version": "2.7",
"versionType": "custom"
},
{
"lessThan": "2.8.5",
"status": "affected",
"version": "2.8",
"versionType": "custom"
},
{
"lessThan": "2.9.6",
"status": "affected",
"version": "2.9",
"versionType": "custom"
},
{
"lessThan": "3.0.6",
"status": "affected",
"version": "3.0",
"versionType": "custom"
},
{
"lessThan": "3.1.5",
"status": "affected",
"version": "3.1",
"versionType": "custom"
},
{
"lessThan": "3.2.5",
"status": "affected",
"version": "3.2",
"versionType": "custom"
},
{
"lessThan": "3.3.6",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.4.6",
"status": "affected",
"version": "3.4",
"versionType": "custom"
},
{
"lessThan": "3.5.6",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.6.4",
"status": "affected",
"version": "3.6",
"versionType": "custom"
},
{
"lessThan": "3.7.5",
"status": "affected",
"version": "3.7",
"versionType": "custom"
},
{
"lessThan": "3.8.5",
"status": "affected",
"version": "3.8",
"versionType": "custom"
},
{
"lessThan": "3.9.9",
"status": "affected",
"version": "3.9",
"versionType": "custom"
},
{
"lessThan": "4.0.6",
"status": "affected",
"version": "4.0",
"versionType": "custom"
},
{
"lessThan": "4.1.3",
"status": "affected",
"version": "4.1",
"versionType": "custom"
},
{
"lessThan": "4.2.4",
"status": "affected",
"version": "4.2",
"versionType": "custom"
},
{
"lessThan": "4.3.4",
"status": "affected",
"version": "4.3",
"versionType": "custom"
},
{
"lessThan": "4.4.4",
"status": "affected",
"version": "4.4",
"versionType": "custom"
},
{
"lessThan": "4.5.2",
"status": "affected",
"version": "4.5",
"versionType": "custom"
},
{
"lessThan": "4.6.2",
"status": "affected",
"version": "4.6",
"versionType": "custom"
},
{
"lessThan": "4.7.3",
"status": "affected",
"version": "4.7",
"versionType": "custom"
},
{
"lessThan": "4.8.4",
"status": "affected",
"version": "4.8",
"versionType": "custom"
},
{
"lessThan": "4.9.2",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "5.0.2",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "5.1.3",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"lessThan": "5.2.4",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"lessThan": "5.3.3",
"status": "affected",
"version": "5.3",
"versionType": "custom"
},
{
"lessThan": "5.4.3",
"status": "affected",
"version": "5.4",
"versionType": "custom"
},
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.5",
"versionType": "custom"
},
{
"lessThan": "5.6.4",
"status": "affected",
"version": "5.6",
"versionType": "custom"
},
{
"lessThan": "5.7.4",
"status": "affected",
"version": "5.7",
"versionType": "custom"
},
{
"lessThan": "5.8.3",
"status": "affected",
"version": "5.8",
"versionType": "custom"
},
{
"lessThan": "5.9.3",
"status": "affected",
"version": "5.9",
"versionType": "custom"
},
{
"lessThan": "6.0.3",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1",
"versionType": "custom"
},
{
"lessThan": "6.2.4",
"status": "affected",
"version": "6.2",
"versionType": "custom"
},
{
"lessThan": "6.3.6",
"status": "affected",
"version": "6.3",
"versionType": "custom"
},
{
"lessThan": "6.4.5",
"status": "affected",
"version": "6.4",
"versionType": "custom"
},
{
"lessThan": "6.5.3",
"status": "affected",
"version": "6.5",
"versionType": "custom"
},
{
"lessThan": "6.6.4",
"status": "affected",
"version": "6.6",
"versionType": "custom"
},
{
"lessThan": "6.7.3",
"status": "affected",
"version": "6.7",
"versionType": "custom"
},
{
"lessThan": "6.8.4",
"status": "affected",
"version": "6.8",
"versionType": "custom"
},
{
"lessThan": "6.9.3",
"status": "affected",
"version": "6.9",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "7.1.4",
"status": "affected",
"version": "7.1",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2",
"versionType": "custom"
},
{
"lessThan": "7.3.4",
"status": "affected",
"version": "7.3",
"versionType": "custom"
},
{
"lessThan": "7.4.4",
"status": "affected",
"version": "7.4",
"versionType": "custom"
},
{
"lessThan": "7.5.6",
"status": "affected",
"version": "7.5",
"versionType": "custom"
},
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6",
"versionType": "custom"
},
{
"lessThan": "7.7.5",
"status": "affected",
"version": "7.7",
"versionType": "custom"
},
{
"lessThan": "7.8.3",
"status": "affected",
"version": "7.8",
"versionType": "custom"
},
{
"lessThan": "7.9.3",
"status": "affected",
"version": "7.9",
"versionType": "custom"
},
{
"lessThan": "8.0.2",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1.3",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"lessThan": "8.2.5",
"status": "affected",
"version": "8.2",
"versionType": "custom"
},
{
"lessThan": "8.3.2",
"status": "affected",
"version": "8.3",
"versionType": "custom"
},
{
"lessThan": "8.4.4",
"status": "affected",
"version": "8.4",
"versionType": "custom"
},
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5",
"versionType": "custom"
},
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6",
"versionType": "custom"
},
{
"lessThan": "8.7.3",
"status": "affected",
"version": "8.7",
"versionType": "custom"
},
{
"lessThan": "8.8.4",
"status": "affected",
"version": "8.8",
"versionType": "custom"
},
{
"lessThan": "8.9.3",
"status": "affected",
"version": "8.9",
"versionType": "custom"
},
{
"lessThan": "9.0.4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThan": "9.1.2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "9.2.3",
"status": "affected",
"version": "9.2",
"versionType": "custom"
},
{
"lessThan": "9.3.4",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.4.3",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.5.4",
"status": "affected",
"version": "9.5",
"versionType": "custom"
},
{
"lessThan": "9.6.3",
"status": "affected",
"version": "9.6",
"versionType": "custom"
},
{
"lessThan": "9.7.2",
"status": "affected",
"version": "9.7",
"versionType": "custom"
},
{
"lessThan": "9.8.2",
"status": "affected",
"version": "9.8",
"versionType": "custom"
},
{
"lessThan": "9.9.2",
"status": "affected",
"version": "9.9",
"versionType": "custom"
},
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "10.2.2",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.3.1",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThan": "10.4.1",
"status": "affected",
"version": "10.4",
"versionType": "custom"
},
{
"lessThan": "10.5.2",
"status": "affected",
"version": "10.5",
"versionType": "custom"
},
{
"lessThan": "10.6.2",
"status": "affected",
"version": "10.6",
"versionType": "custom"
},
{
"lessThan": "10.7.1",
"status": "affected",
"version": "10.7",
"versionType": "custom"
},
{
"lessThan": "10.8.1",
"status": "affected",
"version": "10.8",
"versionType": "custom"
},
{
"lessThan": "10.9.2",
"status": "affected",
"version": "10.9",
"versionType": "custom"
},
{
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "11.1.3",
"status": "affected",
"version": "11.1",
"versionType": "custom"
},
{
"lessThan": "11.2.1",
"status": "affected",
"version": "11.2",
"versionType": "custom"
},
{
"lessThan": "11.3.3",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThan": "11.4.1",
"status": "affected",
"version": "11.4",
"versionType": "custom"
},
{
"lessThan": "11.5.2",
"status": "affected",
"version": "11.5",
"versionType": "custom"
},
{
"lessThan": "11.6.1",
"status": "affected",
"version": "11.6",
"versionType": "custom"
},
{
"lessThan": "11.7.2",
"status": "affected",
"version": "11.7",
"versionType": "custom"
},
{
"lessThan": "11.8.5",
"status": "affected",
"version": "11.8",
"versionType": "custom"
},
{
"lessThan": "11.9.2",
"status": "affected",
"version": "11.9",
"versionType": "custom"
},
{
"lessThan": "12.0.1",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "12.1.1",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Miguel Neto"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T13:17:07.479Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Jetpack \u003c 12.1.1 - Author+ Arbitrary File Manipulation via API",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-2996",
"datePublished": "2023-06-27T13:17:07.479Z",
"dateReserved": "2023-05-30T19:10:08.911Z",
"dateUpdated": "2024-12-05T16:48:09.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}