Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
automattic vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45050
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from ...
Automattic Jetpack
NA
CVE-2023-5057
The ActivityPub WordPress plugin prior to 1.0.0 does not escape user metadata before outputting them in mentions, which could allow users with a role of Contributor and above to perform Stored XSS attacks
Automattic Activitypub
NA
CVE-2023-3746
The ActivityPub WordPress plugin prior to 1.0.0 does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks
Automattic Activitypub
4.3
CVSSv2
CVE-2016-10705
The Jetpack plugin prior to 4.0.4 for WordPress has XSS via the Likes module.
Automattic Jetpack
NA
CVE-2014-125104
A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protect_aioseo_ajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unre...
Automattic Vaultpress
4.3
CVSSv2
CVE-2016-10706
The Jetpack plugin prior to 4.0.3 for WordPress has XSS via a crafted Vimeo link.
Automattic Jetpack
7.5
CVSSv2
CVE-2011-4673
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Automattic Jetpack
1 EDB exploit
4.3
CVSSv2
CVE-2015-9357
The akismet plugin prior to 3.1.5 for WordPress has XSS.
Automattic Akismet
5
CVSSv2
CVE-2021-24374
The Jetpack Carousel module of the JetPack WordPress plugin prior to 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed ...
Automattic Jetpack
4.3
CVSSv2
CVE-2015-9359
The Jetpack plugin prior to 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().
Automattic Jetpack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »