Jetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak

Description

The Jetpack Carousel module allows users to create a "carousel" type image gallery and allows users to comment on the images.

A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked.

Please refer to the Proof of Concept (PoC) of this vulnerability for further technical details.

Proof of Concept

The PoC will be displayed on June 17, 2021, to give users the time to update.

Affects Plugins

jetpack

Fixed in version 9.8✓

References

CVE

CVE-2021-24374

URL

https://jetpack.com/2021/06/01/jetpack-9-8-engage-your-audience-with-wordpress-stories/

URL

https://plugins.trac.wordpress.org/changeset/2541817/jetpack

Classification

Type

IDOR

OWASP top 10

A5: Broken Access Control

CWE

CWE-284

Miscellaneous

Original Researcher

nguyenhg_vcs

Submitter

Jetpack Scan

Verified

Yes

WPVDB ID

08a8a51c-49d3-4bce-b7e0-e365af1d8f33

Timeline

Publicly Published

2021-06-03 (about 10 days ago)

Added

2021-06-03 (about 10 days ago)

Last Updated

2021-06-04 (about 9 days ago)

Our Other Services

WPScan WordPress Security Plugin