Jetpack – WP Security, Backup, Speed, & Growth WordPress Plugin Security Vulnerabilities | WPScan

121

January 7, 2026

3000000

Published

2024-12-04

Title

Jetpack 13.0-14.0 - Unauthenticated DOM-XSS

Fixed in

Fixed in 14.1-a.1

CVSS

4.7 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.1.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.7.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.1.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.5.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.9.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.3.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.7.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.8.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.2.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.6.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.0.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.4.6

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.8.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.3.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.7.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.1.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.5.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 3.9.10

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.5.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.9.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.6.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.0.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.4.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.8.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.2.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.6.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.3.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.7.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.1.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.5.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.9.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.3.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.4.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.8.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.2.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.6.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.0.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.4.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.1.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.5.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.9.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.3.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.7.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.1.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.8.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.2.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.6.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.0.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.4.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.8.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.2.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.9.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.3.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.7.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.1.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.5.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.9.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.2.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.6.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.0.7

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.6.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.0.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.4.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.8.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.7.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.1.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.5.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.9.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.3.7

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.7.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.4.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.8.6

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.2.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.6.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.0.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.4.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.5.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.9.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.3.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.7.6

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.1.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.5.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.2.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.6.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.0.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.4.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.8.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.2.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.9.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 12.3.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 10.7.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.1.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 7.5.7

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.9.4

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 4.3.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 13.0.1

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 11.4.2

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 9.8.3

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 8.2.6

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 6.6.5

CVSS

4.3 (medium)

Published

2024-10-14

Title

Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access

Fixed in

Fixed in 5.0.3

CVSS

4.3 (medium)

Published

2024-09-04

Title

Jetpack < 13.8, Boost < 3.4.8 - Contributor+ Stored XSS

Fixed in

Fixed in 13.8

CVSS

5.9 (medium)

Published

2024-09-04

Title

Jetpack < 13.8 - Unauthenticated Arbitrary Block & Shortcode Execution

Fixed in

Fixed in 13.8

CVSS

5.6 (medium)

Published

2024-05-13

Title

Jetpack < 13.4 - Contributor+ Stored Cross-Site Scripting via wpvideo Shortcode

Fixed in

Fixed in 13.4

CVSS

6.4 (medium)

Published

2024-03-25

Title

Jetpack < 13.2.1 - Contributor+ Stored XSS

Fixed in

Fixed in 13.2.1

CVSS

5.9 (medium)

Published

2023-11-16

Title

Jetpack < 12.8-a.3 - Contributor+ Stored XSS via block attribute

Fixed in

Fixed in 12.8-a.3

CVSS

5.9 (medium)

Published

2023-11-16

Title

Jetpack < 12.7 - Authenticated(Contributor+) Clickjacking via Iframe Injection

Fixed in

Fixed in 12.7

CVSS

5 (medium)

Published

2023-11-16

Title

Jetpack < 12.7 - Improper Authorization via WPCom External Media REST endpoints

Fixed in

Fixed in 12.7

CVSS

4.3 (medium)

Published

2023-05-30

Title

Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

Fixed in

Fixed in 12.1.1

CVSS

8.0 (high)

Published

2021-06-03

Title

Jetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak

Fixed in

Fixed in 9.8

CVSS

5.3 (medium)

Published

2019-11-19

Title

Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

Fixed in

Fixed in 7.9.1

CVSS

n/a

Published

2018-12-11

Title

Jetpack < 6.5 - Authenticated Stored Cross-Site Scripting (XSS)

Fixed in

Fixed in 6.5

CVSS

n/a

Published

2016-06-20

Title

Jetpack <= 4.0.3 - Multiple Vulnerabilities

Fixed in

Fixed in 4.0.4

CVSS

6.1 (medium)

Published

2016-05-26

Title

Jetpack 2.0-4.0.2 - Shortcode Stored Cross-Site Scripting (XSS)

Fixed in

Fixed in 4.0.3

CVSS

6.1 (medium)

Published

2016-02-25

Title

Jetpack <= 3.9.1 - LaTeX HTML Element XSS

Fixed in

Fixed in 3.9.2

CVSS

n/a

Published

2015-10-01

Title

Jetpack <= 3.7.0 - Stored Cross-Site Scripting (XSS)

Fixed in

Fixed in 3.7.1

CVSS

n/a

Published

2015-10-01

Title

Jetpack <= 3.7.0 - Information Disclosure

Fixed in

Fixed in 3.7.1

CVSS

n/a

Published

2015-05-06

Title

Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)

Fixed in

Fixed in 3.5.3

CVSS

n/a

Published

2015-04-20

Title

Jetpack 3.0-3.4.2 - Cross-Site Scripting (XSS)

Fixed in

Fixed in 3.4.3

CVSS

6.1 (medium)

Published

2014-08-01

Title

Jetpack <= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass

Fixed in

Fixed in 2.9.3

CVSS

n/a