WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Jetpack – WP Security, Backup, Speed, & Growth

2023-05-30
Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API
Fixed in version 12.1.1
2021-06-03
Jetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak
Fixed in version 9.8
2019-11-19
Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code
Fixed in version 7.9.1
2018-12-11
Jetpack <= 6.4.2 - Authenticated Stored Cross-Site Scripting (XSS)
Fixed in version 6.5
2016-06-20
Jetpack <= 4.0.3 - Multiple Vulnerabilities
Fixed in version 4.0.4
2016-05-26
Jetpack 2.0-4.0.2 - Shortcode Stored Cross-Site Scripting (XSS)
Fixed in version 4.0.3
2016-02-25
Jetpack <= 3.9.1 - LaTeX HTML Element XSS
Fixed in version 3.9.2
2015-10-01
Jetpack <= 3.7.0 - Stored Cross-Site Scripting (XSS)
Fixed in version 3.7.1
2015-10-01
Jetpack <= 3.7.0 - Information Disclosure
Fixed in version 3.7.1
2015-05-06
Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)
Fixed in version 3.5.3
2015-04-20
Jetpack 3.0-3.4.2 - Cross-Site Scripting (XSS)
Fixed in version 3.4.3
2014-08-01
Jetpack <= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass
Fixed in version 2.9.3