Jetpack – WP Security, Backup, Speed, & Growth, 2765d571-059b-4d6f-948c-3ca7b9febcdc

CVE, Research URL: 2765d571-059b-4d6f-948c-3ca7b9febcdc
Home page URL: Security reports for Jetpack – WP Security, Backup, Speed, & Growth
Application: Jetpack – WP Security, Backup, Speed, & Growth
Published on: -
Research Description: Jetpack – WP Security, Backup, Speed, & Growth [jetpack] < 3.5.3 Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS) Genericons <= 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split('#')[1]; cssclass = jQuery( '.' + permalink ).attr('class');
Affected versions: max 3.5.3.
Status: vulnerable