Jetpack – WP Security, Backup, Speed, & Growth, 8b2577c950eb5e19c4bf87ece5f8d4ae541b0f5d

CVE, Research URL: 8b2577c950eb5e19c4bf87ece5f8d4ae541b0f5d
Home page URL: Security reports for Jetpack – WP Security, Backup, Speed, & Growth
Application: Jetpack – WP Security, Backup, Speed, & Growth
Published on: Dec 11, 2018
Research Description: Jetpack – WP Security, Backup, Speed, & Growth [jetpack] < 6.5 Jetpack <= 6.4.2 - Cross-Site Scripting via post_meta Jetpack up to 6.4.2 is vulnerable to stored Cross-Site Scripting. This allows attackers with contributor privileges to inject arbitrary JavaScript code into the HTML markup of a blog post.
Affected versions: max 6.5.
Status: vulnerable