Vulnerability in Automattic Jetpack
CVE-2014-0173
The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x befor…
EPSS: 0.022 (80.7th percentile) — read the EPSS interpretation.
Affected products
- Automattic Jetpack — versions 1.9, 1.9.1, 1.9.2
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
- secalert@redhat.com (vdb-entry, x_refsource_BID)
- secalert@redhat.com (vdb-entry, x_refsource_XF)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
Frequently asked questions
- What is CVE-2014-0173?
- CVE-2014-0173 is a vulnerability in Automattic Jetpack, classified under CWE-264. Published 2014-04-22.
- Is CVE-2014-0173 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.