jetpack Jetpack <= 6.4.2 – Authenticated Stored Cross-Site Scripting (XSS)
Description
According to RIPS Technologies:

 "RIPS detected a Stored XSS vulnerability that affects a module available to premium and professional users of Jetpack. Attackers who gained control over an account on the target site with at least Contributor privileges were able to inject arbitrary JavaScript code into the HTML markup of a blog post. Once the administrator of the target site views the malicious blog post, evil JavaScript code is executed which compromises the target server."

SEO News and More

SEO News and More

Share This