CVE Vulnerabilities

CVE-2014-0173

Published: Apr 22, 2014 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to the XML-RPC service, which allows remote attackers to bypass intended restrictions and publish posts via unspecified vectors. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Jetpack Automattic 1.9 (including) 1.9 (including)
Jetpack Automattic 1.9.1 (including) 1.9.1 (including)
Jetpack Automattic 1.9.2 (including) 1.9.2 (including)
Jetpack Automattic 2.0 (including) 2.0 (including)
Jetpack Automattic 2.0.1 (including) 2.0.1 (including)
Jetpack Automattic 2.0.2 (including) 2.0.2 (including)
Jetpack Automattic 2.0.3 (including) 2.0.3 (including)
Jetpack Automattic 2.0.4 (including) 2.0.4 (including)
Jetpack Automattic 2.1 (including) 2.1 (including)
Jetpack Automattic 2.1.1 (including) 2.1.1 (including)
Jetpack Automattic 2.1.2 (including) 2.1.2 (including)
Jetpack Automattic 2.2 (including) 2.2 (including)
Jetpack Automattic 2.2.1 (including) 2.2.1 (including)
Jetpack Automattic 2.2.2 (including) 2.2.2 (including)
Jetpack Automattic 2.2.3 (including) 2.2.3 (including)
Jetpack Automattic 2.2.4 (including) 2.2.4 (including)
Jetpack Automattic 2.2.5 (including) 2.2.5 (including)
Jetpack Automattic 2.3 (including) 2.3 (including)
Jetpack Automattic 2.3.1 (including) 2.3.1 (including)
Jetpack Automattic 2.3.2 (including) 2.3.2 (including)
Jetpack Automattic 2.3.3 (including) 2.3.3 (including)
Jetpack Automattic 2.3.4 (including) 2.3.4 (including)
Jetpack Automattic 2.3.5 (including) 2.3.5 (including)
Jetpack Automattic 2.4 (including) 2.4 (including)
Jetpack Automattic 2.4.1 (including) 2.4.1 (including)
Jetpack Automattic 2.4.2 (including) 2.4.2 (including)
Jetpack Automattic 2.5 (including) 2.5 (including)
Jetpack Automattic 2.6 (including) 2.6 (including)
Jetpack Automattic 2.6.1 (including) 2.6.1 (including)
Jetpack Automattic 2.7 (including) 2.7 (including)
Jetpack Automattic 2.8 (including) 2.8 (including)
Jetpack Automattic 2.9 (including) 2.9 (including)
Jetpack Automattic 2.9.1 (including) 2.9.1 (including)
Jetpack Automattic 2.9.2 (including) 2.9.2 (including)
Jetpack Automattic 2.9.3 (including) 2.9.3 (including)

References