cleantalk
Vulnerabilities and Security Researches

Jetpack – WP Security, Backup, Speed, & Growth, ffd169a15f0b3f3b7e9e5d2a66f48050efccf852

CVE, Research URL

ffd169a15f0b3f3b7e9e5d2a66f48050efccf852

Home page URL

Security reports for Jetpack – WP Security, Backup, Speed, & Growth

Application

Jetpack – WP Security, Backup, Speed, & Growth

Published on
Apr 26, 2017
Research Description
Jetpack &#8211; WP Security, Backup, Speed, &amp; Growth [jetpack] < 4.2 Jetpack – WP Security, Backup, Speed, & Growth < 4.2 - Timing Attack The Jetpack plugin for WordPress is vulnerable to timing attacks in versions up to, and including, 4.1.x. This is due to lack of a safe string comparison function.
Affected versions
max 4.2.
Status
vulnerable
Previous vulnerability researches
Jetpack Feedback Exporter (CVE-2025-32251) , Apr 06, 2025
reCAPTCHA Jetpack (CVE-2025-32494) , Apr 11, 2025
reCAPTCHA Jetpack (CVE-2024-3941) , Jun 07, 2024
reCAPTCHA Jetpack (CVE-2024-3940) , Jun 07, 2024
Tiled Gallery Carousel Without JetPack (CVE-2026-5191) , Jun 03, 2026
New vulnerability
Cornerstone (CVE-2026-9710) , Jun 26, 2026
Cornerstone (CVE-2026-9709) , Jun 26, 2026
Essential Blocks – Page Builder Gutenberg Blocks, Patterns &amp; Templates (CVE-2026-10833) , Jun 26, 2026
Post Duplicator (CVE-2026-10749) , Jun 26, 2026
Tourfic – Ultimate Hotel Booking, Travel Booking &amp; Apartment Booking WordPress Plugin | WooCommerce Booking (CVE-2026-12937) , Jun 26, 2026