cleantalk
Vulnerabilities and Security Researches

Jetpack – WP Security, Backup, Speed, & Growth, CVE-2024-10075

CVE, Research URL

CVE-2024-10075

Home page URL

Security reports for Jetpack – WP Security, Backup, Speed, & Growth

Application

Jetpack – WP Security, Backup, Speed, & Growth

Published on
May 16, 2025
Research Description
The Jetpack WordPress plugin before 13.8 does not ensure that the post created by the Contact Form is only accessible to authorised users, which could allow unauthenticated users to run arbitrary shortcodes and block.
Affected versions
Min -, max 13.8.
Status
vulnerable
Previous vulnerability researches
Accordion Slider Lite (CVE-2024-11892) , Jan 12, 2025
New vulnerability
Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder (CVE-2024-10504) , May 17, 2025
Front End Users (CVE-2025-47580) , May 17, 2025
ApplyOnline – Application Form Builder and Manager (CVE-2024-10098) , May 17, 2025
Jetpack – WP Security, Backup, Speed, & Growth (CVE-2024-10076) , May 17, 2025
Jetpack – WP Security, Backup, Speed, & Growth (CVE-2024-10075) , May 17, 2025