The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Automattic
  • Jetpack

Configuration 1 [-]

cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:*

No data.

References
Link Providers
https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/ cve-icon cve-icon
https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663 cve-icon cve-icon
History

Thu, 05 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-06-27T13:17:07.479Z

Updated: 2024-12-05T16:48:09.882Z

Reserved: 2023-05-30T19:10:08.911Z

Link: CVE-2023-2996

cve-icon Vulnrichment

Updated: 2024-08-02T06:41:03.950Z

cve-icon NVD

Status : Modified

Published: 2023-06-27T14:15:11.723

Modified: 2024-11-21T07:59:43.287

Link: CVE-2023-2996

cve-icon Redhat

No data.