cleantalk
Vulnerabilities and Security Researches

Jetpack – WP Security, Backup, Speed, & Growth, a8073510758ddc46d88dbae64b770262e9ef8de3

CVE, Research URL

a8073510758ddc46d88dbae64b770262e9ef8de3

Home page URL

Security reports for Jetpack – WP Security, Backup, Speed, & Growth

Application

Jetpack – WP Security, Backup, Speed, & Growth

Published on
Oct 19, 2019
Research Description
Jetpack &#8211; WP Security, Backup, Speed, &amp; Growth [jetpack] <= 7.9 Jetpack <= 7.9 - Stored Cross-Site Scripting The Jetpack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a shortcode in versions up to, and including, 7.9. This makes it possible for medium-level authenticated attackers to inject arbitrary web scripts in administrative pages and posts that execute whenever a user accesses the page with the stored web scripts.
Affected versions
max 7.9.
Status
vulnerable
Previous vulnerability researches
Jetpack Feedback Exporter (CVE-2025-32251) , Apr 06, 2025
reCAPTCHA Jetpack (CVE-2025-32494) , Apr 11, 2025
reCAPTCHA Jetpack (CVE-2024-3941) , Jun 07, 2024
reCAPTCHA Jetpack (CVE-2024-3940) , Jun 07, 2024
Tiled Gallery Carousel Without JetPack (CVE-2026-5191) , Jun 03, 2026
New vulnerability
Cornerstone (CVE-2026-9710) , Jun 26, 2026
Cornerstone (CVE-2026-9709) , Jun 26, 2026
Essential Blocks – Page Builder Gutenberg Blocks, Patterns &amp; Templates (CVE-2026-10833) , Jun 26, 2026
Post Duplicator (CVE-2026-10749) , Jun 26, 2026
Tourfic – Ultimate Hotel Booking, Travel Booking &amp; Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2026-12937) , Jun 26, 2026