Jetpack
Automattic
Developer
15.2
Latest version
4,000,000
Installations
Nov 4, 2025
Last updated
Vulnerability history
0 present
20 fixed
5 Mitigation rules
- Contributor+ Stored XSS vulnerability< 13.8May 16, 2025
- Unauthenticated Arbitrary Block & Shortcode Execution vulnerability< 13.8May 16, 2025
- Unauthenticated DOM-XSS vulnerability13.0-14.0Dec 25, 2024
- Authenticated Arbitrary Feedback Access vulnerability< 13.9.1Oct 14, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via wpvideo Shortcode vulnerability<= 13.3.1May 14, 2024
- Contributor+ Broken Access Control vulnerability< 12.7Nov 15, 2023
- Contributor+ Iframe Injection vulnerability< 12.7Nov 15, 2023
- Cross Site Scripting (XSS) vulnerability<= 12.8-a.1Nov 15, 2023
- Arbitrary File Overwrite vulnerability<= 12.1May 30, 2023
- Attached Image Comment Leak For Non-Published Post And Pages in Carousel Feature<= 9.7.1Jun 1, 2021
- Shortcode embedding system vulnerability<= 7.9Nov 21, 2019
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 6.4.2Dec 12, 2018
- Multiple Vulnerabilities<= 4.0.3Jun 20, 2016
- Stored Cross Site Scripting<= 4.0.2May 26, 2016
- Cross Site Scripting<= 3.9.1Feb 25, 2016
- Stored Cross Site Scripting<= 3.7.0Oct 1, 2015
- Information Disclosure<= 3.7.0Oct 1, 2015
- Cross Site Scripting<= 3.5.2May 6, 2015
- Cross Site Scripting<= 3.4.2Apr 20, 2015
- Security BYPASS<= 2.9.2Dec 3, 2013