jetpack is vulnerable to security bypass. The library does not properly restrict access to it’s XMLRPC functions, allowing a malicious user to view confidential information or publish posts without the proper permissions.
CPE | Name | Operator | Version |
---|---|---|---|
automattic/jetpack | le | 2.8 | |
automattic/jetpack | le | 2.9.2 |