First published: Fri Jan 12 2018(Updated: )
The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Automattic Jetpack | <4.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
This vulnerability is identified as CVE-2016-10706.
CVE-2016-10706 has a severity level of medium.
The Jetpack plugin before version 4.0.3 for WordPress is affected by CVE-2016-10706.
An attacker can exploit CVE-2016-10706 by crafting a malicious Vimeo link.
Yes, a fix is available in version 4.0.3 of the Jetpack plugin for WordPress.