Untriaged
Permalink
CVE-2023-47788
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
WordPress Jetpack plugin < 12.7 - Contributor+ Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic Jetpack.This issue affects Jetpack: from n/a before 12.7.
References
- https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-… vdb-entry
- https://patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-… vdb-entry x_transferred
Affected products
jetpack
- <12.7
Matching in nixpkgs
pkgs.wordpressPackages.plugins.jetpack
None
-
nixos-unstable -
- nixpkgs-unstable 14.5
pkgs.wordpressPackages.plugins.jetpack-lite
None
-
nixos-unstable -
- nixpkgs-unstable 3.0.3