Filtered by vendor Automattic
Subscribe
Search
Total
12 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50879 | 1 Automattic | 1 Wordpress.com Editing Toolkit | 2024-01-05 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress.Com Editing Toolkit allows Stored XSS.This issue affects WordPress.Com Editing Toolkit: from n/a through 3.78784. | |||||
| CVE-2023-49828 | 1 Automattic | 1 Woopayments | 2023-12-18 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo allows Stored XSS.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 6.4.2. | |||||
| CVE-2023-45050 | 1 Automattic | 1 Jetpack | 2023-12-06 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Jetpack – WP Security, Backup, Speed, & Growth: from n/a through 12.8-a.1. | |||||
| CVE-2023-47777 | 1 Automattic | 2 Woocommerce, Woocommerce Blocks | 2023-12-05 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooCommerce, Automattic WooCommerce Blocks allows Stored XSS.This issue affects WooCommerce: from n/a through 8.1.1; WooCommerce Blocks: from n/a through 11.1.1. | |||||
| CVE-2021-24374 | 1 Automattic | 1 Jetpack | 2022-07-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published page/posts to be leaked. | |||||
| CVE-2021-24329 | 1 Automattic | 1 Wp Super Cache | 2021-06-10 | 3.5 LOW | 5.4 MEDIUM |
| The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wp_cache_location parameter in its settings, which could lead to a Stored Cross-Site Scripting issue. | |||||
| CVE-2013-2008 | 1 Automattic | 1 Wp Super Cache | 2020-02-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| WordPress Super Cache Plugin 1.3 has XSS. | |||||
| CVE-2015-9359 | 1 Automattic | 1 Jetpack | 2019-08-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9357 | 1 Automattic | 1 Akismet | 2019-08-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| The akismet plugin before 3.1.5 for WordPress has XSS. | |||||
| CVE-2016-10763 | 1 Automattic | 1 Camptix Event Ticketing | 2019-07-18 | 3.5 LOW | 4.8 MEDIUM |
| The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body. | |||||
| CVE-2016-10706 | 1 Automattic | 1 Jetpack | 2018-01-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link. | |||||
| CVE-2016-10705 | 1 Automattic | 1 Jetpack | 2018-01-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module. | |||||