5.8
CVSSv2

CVE-2014-0173

Published: 22/04/2014 Updated: 29/08/2017
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

The Jetpack plugin prior to 1.9 prior to 1.9.4, 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.4, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.7, 2.4.x prior to 2.4.4, 2.5.x prior to 2.5.2, 2.6.x prior to 2.6.3, 2.7.x prior to 2.7.2, 2.8.x prior to 2.8.2, and 2.9.x prior to 2.9.3 for WordPress does not properly restrict access to the XML-RPC service, which allows remote malicious users to bypass intended restrictions and publish posts via unspecified vectors. NOTE: some of these details are obtained from third party information.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

automattic jetpack 2.6

automattic jetpack 2.5

automattic jetpack 2.3.2

automattic jetpack 2.3.1

automattic jetpack 2.2

automattic jetpack 2.1.2

automattic jetpack 1.9.2

automattic jetpack 1.9.1

automattic jetpack 2.9.1

automattic jetpack 2.9

automattic jetpack 2.8

automattic jetpack 2.4

automattic jetpack 2.3.4

automattic jetpack 2.0.4

automattic jetpack 2.1

automattic jetpack 2.2.2

automattic jetpack 2.3.3

automattic jetpack 2.4.2

automattic jetpack 2.7

automattic jetpack 2.0.1

automattic jetpack 2.9.3

automattic jetpack 2.3.5

automattic jetpack 2.1.1

automattic jetpack 2.2.4

automattic jetpack 1.9

automattic jetpack 2.6.1

automattic jetpack 2.0

automattic jetpack 2.0.3

automattic jetpack 2.2.1

automattic jetpack 2.3

automattic jetpack 2.2.5

automattic jetpack 2.4.1

automattic jetpack 2.2.3

automattic jetpack 2.0.2

automattic jetpack 2.9.2