Automattic Jetpack_boost
2 CVEs affecting Automattic Jetpack_boost. Latest disclosed: 2025-05-15. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6584 | Critical | 9.1 | 2025-05-15 | The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs. |
CVE-2024-10076 | Medium | 5.9 | 2025-05-15 | The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs… |