cleantalk
Vulnerabilities and Security Researches

Jetpack – WP Security, Backup, Speed, & Growth, cc9326052e5e086b429a42db7048d509aabde351

CVE, Research URL

cc9326052e5e086b429a42db7048d509aabde351

Home page URL

Security reports for Jetpack – WP Security, Backup, Speed, & Growth

Application

Jetpack – WP Security, Backup, Speed, & Growth

Published on
Oct 01, 2015
Research Description
Jetpack &#8211; WP Security, Backup, Speed, &amp; Growth [jetpack] < 3.7.2 Jetpack <= 3.7.1 - Stored Cross-Site Scripting Jetpack versions 3.7.0 and earlier are vulnerable to a Cross-Site Scripting vulnerability in the contact form due to improper input sanitization. This allows an unauthenticated attacker to inject JavaScript into the contact form that can potentially execute in a site administrators browser.
Affected versions
max 3.7.2.
Status
vulnerable
Previous vulnerability researches
Jetpack Feedback Exporter (CVE-2025-32251) , Apr 06, 2025
reCAPTCHA Jetpack (CVE-2025-32494) , Apr 11, 2025
reCAPTCHA Jetpack (CVE-2024-3941) , Jun 07, 2024
reCAPTCHA Jetpack (CVE-2024-3940) , Jun 07, 2024
Tiled Gallery Carousel Without JetPack (CVE-2026-5191) , Jun 03, 2026
New vulnerability
Cornerstone (CVE-2026-9710) , Jun 26, 2026
Cornerstone (CVE-2026-9709) , Jun 26, 2026
Essential Blocks – Page Builder Gutenberg Blocks, Patterns &amp; Templates (CVE-2026-10833) , Jun 26, 2026
Post Duplicator (CVE-2026-10749) , Jun 26, 2026
Tourfic – Ultimate Hotel Booking, Travel Booking &amp; Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2026-12937) , Jun 26, 2026