Vulnerabilities related to Automattic - Jetpack – WP Security, Backup, Speed, & Growth
CVE-2023-45050 (GCVE-0-2023-45050)
Vulnerability from cvelistv5
Published
2023-11-30 12:07
Modified
2025-06-05 13:22
Severity: MEDIUM (CVSS v3.1 base score 6.5, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS. This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1.
References
▼ | URL | Tags |
---|---|---|
https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-12-8-a-1-cross-site-scripting-xss-vulnerability?_s_id=cve | vdb-entry | |
https://patchstack.com/articles/authenticated-stored-xss-in-woocommerce-and-jetpack-plugin?_s_id=cve | third-party-advisory, technical-description |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Automattic | Jetpack – WP Security, Backup, Speed, & Growth |
Version: n/a ≤ 12.8-a.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:14:18.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-12-8-a-1-cross-site-scripting-xss-vulnerability?_s_id=cve" }, { "tags": [ "third-party-advisory", "technical-description", "x_transferred" ], "url": "https://patchstack.com/articles/authenticated-stored-xss-in-woocommerce-and-jetpack-plugin?_s_id=cve" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-45050", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-06-05T13:22:32.043394Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-05T13:22:45.944Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "jetpack", "product": "Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth", "vendor": "Automattic", "versions": [ { "changes": [ { "at": "12.8-a.3", "status": "unaffected" } ], "lessThanOrEqual": "12.8-a.1", "status": "affected", "version": "n/a", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Rafie Muhammad (Patchstack)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Automattic Jetpack \u2013 WP Security, Backup, Speed, \u0026amp; Growth allows Stored XSS.\u003cp\u003eThis issue affects Jetpack \u2013 WP Security, Backup, Speed, 
\u0026amp; Growth: from n/a through 12.8-a.1.\u003c/p\u003e" } ], "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Automattic Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth allows Stored XSS.This issue affects Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth: from n/a through 12.8-a.1.\n\n" } ], "impacts": [ { "capecId": "CAPEC-592", "descriptions": [ { "lang": "en", "value": "CAPEC-592 Stored XSS" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-30T12:07:42.417Z", "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-12-8-a-1-cross-site-scripting-xss-vulnerability?_s_id=cve" }, { "tags": [ "third-party-advisory", "technical-description" ], "url": "https://patchstack.com/articles/authenticated-stored-xss-in-woocommerce-and-jetpack-plugin?_s_id=cve" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update to\u0026nbsp;12.8-a.3 or a higher version." } ], "value": "Update to\u00a012.8-a.3 or a higher version." 
} ], "source": { "discovery": "EXTERNAL" }, "title": "WordPress Jetpack Plugin \u003c= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "assignerShortName": "Patchstack", "cveId": "CVE-2023-45050", "datePublished": "2023-11-30T12:07:42.417Z", "dateReserved": "2023-10-03T13:30:39.403Z", "dateUpdated": "2025-06-05T13:22:45.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24374 (GCVE-0-2021-24374)
Vulnerability from cvelistv5
Published
2021-06-21 19:18
Modified
2024-08-03 19:28
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The Jetpack Carousel module of the Jetpack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and to comment on the images. A security vulnerability found within the Jetpack Carousel module by nguyenhg_vcs allowed the comments of non-published pages/posts to be leaked.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33 | x_refsource_CONFIRM | |
https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Automattic | Jetpack – WP Security, Backup, Speed, & Growth |
Version: 9.8 < 9.8 (as recorded; the legacy v4 record reads "< 9.8", i.e. all versions before 9.8) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:28:23.899Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth", "vendor": "Automattic", "versions": [ { "lessThan": "9.8", "status": "affected", "version": "9.8", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "nguyenhg_vcs" } ], "descriptions": [ { "lang": "en", "value": "The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a \"carousel\" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-21T19:18:21", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33" }, { "tags": [ "x_refsource_MISC" ], "url": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Jetpack \u003c 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24374", "STATE": "PUBLIC", "TITLE": "Jetpack \u003c 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "9.8", "version_value": "9.8" } ] } } ] }, "vendor_name": "Automattic" } ] } }, "credit": [ { "lang": "eng", "value": "nguyenhg_vcs" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a \"carousel\" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked." 
} ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-639 Authorization Bypass Through User-Controlled Key" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/08a8a51c-49d3-4bce-b7e0-e365af1d8f33" }, { "name": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/", "refsource": "MISC", "url": "https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24374", "datePublished": "2021-06-21T19:18:21", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.899Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4392 (GCVE-0-2024-4392)
Vulnerability from cvelistv5
Published
2024-05-14 08:32
Modified
2024-08-01 20:40
Severity: MEDIUM (CVSS v3.1 base score 6.4, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
Summary
The Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpvideo shortcode in all versions up to, and including, 13.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
| URL | Tags |
---|---|
https://www.wordfence.com/threat-intel/vulnerabilities/id/11dceac7-7ff8-4384-9046-919c38947c32?source=cve | |
https://plugins.trac.wordpress.org/browser/jetpack/tags/13.3.1/modules/videopress/class.videopress-player.php#L335 | |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
automattic | Jetpack – WP Security, Backup, Speed, & Growth |
Version: * ≤ 13.3.1 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4392", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-14T16:41:15.416411Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:53:46.471Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:40:47.361Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/11dceac7-7ff8-4384-9046-919c38947c32?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/jetpack/tags/13.3.1/modules/videopress/class.videopress-player.php#L335" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth", "vendor": "automattic", "versions": [ { "lessThanOrEqual": "13.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s wpvideo shortcode in all versions up to, and including, 13.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-14T08:32:31.906Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/11dceac7-7ff8-4384-9046-919c38947c32?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/jetpack/tags/13.3.1/modules/videopress/class.videopress-player.php#L335" } ], "timeline": [ { "lang": "en", "time": "2024-05-13T20:29:28.000+00:00", "value": "Disclosed" } ], "title": "Jetpack \u2013 WP Security, Backup, Speed, \u0026 Growth \u003c= 13.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpvideo Shortcode" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-4392", "datePublished": "2024-05-14T08:32:31.906Z", "dateReserved": "2024-05-01T15:55:49.622Z", "dateUpdated": "2024-08-01T20:40:47.361Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }