ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Jetpack Plugin <= 2.9.2 - Security BYPASS

Product
Jetpack
Description
This plugin does not properly restrict access to the XML-RPC service. In that way the attackers can bypass intended restrictions and publish posts via unspecified vectors.
Solution
Update the plugin.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2014-0173
Versions
Affected In <= 2.9.2
Fixed In 2.9.3
Disclosure date
2013-12-03