GHSA-5hr6-r8h6-wh22

Source
https://github.com/advisories/GHSA-5hr6-r8h6-wh22
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5hr6-r8h6-wh22/GHSA-5hr6-r8h6-wh22.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-5hr6-r8h6-wh22
Aliases
  • CVE-2021-24374
Published
2022-05-24T19:05:47Z
Modified
2024-04-23T17:28:56.114077Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
JetPack Exposure of Resource to Wrong Sphere
Details

The Jetpack Carousel module of the Jetpack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhg_vcs that allowed the comments of non-published pages/posts to be leaked.

Database specific
{
    "nvd_published_at": "2021-06-21T20:15:00Z",
    "cwe_ids": [
        "CWE-284",
        "CWE-639",
        "CWE-668"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-23T17:09:16Z"
}
Affected packages

Packagist / automattic/jetpack

Package

Name
automattic/jetpack
Purl
pkg:composer/automattic/jetpack

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
9.8

Affected versions

2.*

2.8b1
2.8
2.8.3
2.8.4
2.8.5
2.9b1
2.9b2
2.9b3
2.9b4
2.9
2.9.1b1
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6

3.*

3.0-beta1
3.0-beta2
3.0-beta3
3.0
3.0.1
3.0.2b1
3.0.2b2
3.0.2
3.0.4
3.0.5
3.0.6
3.1-beta1
3.1-beta2
3.1-beta3
3.1-beta4
3.1
3.1.1
3.1.3
3.1.4
3.1.5
3.2-beta1
3.2-beta2
3.2-beta3
3.2-beta4
3.2-beta5
3.2
3.2.1
3.2.3
3.2.4
3.2.5
3.3-beta1
3.3-beta2
3.3-beta3
3.3
3.3.1
3.3.2
3.3.4
3.3.5
3.3.6
3.4-beta1
3.4-beta2
3.4-beta3
3.4
3.4.1
3.4.2-beta1
3.4.2-rc1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.5-beta1
3.5
3.5.1-beta1
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.6
3.6-beta1
3.6-beta2
3.6
3.6.1
3.6.2
3.6.3
3.6.4
3.7-beta2
3.7
3.7.0-beta
3.7.0-beta3
3.7.0-beta4
3.7.0-beta5
3.7.1-beta
3.7.1-beta2
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.8.0-beta
3.8.0-beta2
3.8.0
3.8.1-beta
3.8.1-beta2
3.8.1-beta3
3.8.1-beta4
3.8.1
3.8.2-beta
3.8.2-beta2
3.8.2
3.8.3
3.8.4
3.8.5
3.9.0-beta
3.9.0-beta2
3.9.0
3.9.1
3.9.2-beta
3.9.2
3.9.3-beta
3.9.3
3.9.4
3.9.5-beta
3.9.5
3.9.6
3.9.7
3.9.8
3.9.9

4.*

4.0-beta1
4.0-beta2
4.0-beta3
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4-beta1
4.0.4-beta2
4.0.4-beta3
4.0.4-beta4
4.0.4
4.0.5
4.0.6
4.1-beta1
4.1-beta2
4.1-beta3
4.1-beta4
4.1.0
4.1.1
4.1.2
4.1.3
4.2-beta1
4.2-beta2
4.2-beta3
4.2-beta4
4.2-rc1
4.2-rc2
4.2-rc3
4.2-rc4
4.2.0
4.2.1-rc1
4.2.1-rc2
4.2.1-rc3
4.2.1
4.2.2
4.2.3
4.2.4
4.3-beta2
4.3-beta3
4.3-rc1
4.3-rc2
4.3-rc3
4.3.0
4.3.1
4.3.2-beta1
4.3.2-beta2
4.3.2-rc1
4.3.2-rc2
4.3.2
4.3.3
4.3.4
4.4-beta1
4.4-beta2
4.4-beta3
4.4-beta4
4.4-beta5
4.4-rc1
4.4-rc2
4.4
4.4.1
4.4.2-beta
4.4.2
4.4.3
4.4.4
4.5-beta1
4.5-beta2
4.5-beta3
4.5-rc1
4.5-rc2
4.5-rc3
4.5
4.5.1
4.5.2
4.6-beta1
4.6-beta2
4.6-beta3
4.6
4.6.1
4.6.2
4.7-beta1
4.7-beta2
4.7
4.7.1-beta
4.7.1
4.7.2
4.7.3
4.8-beta1
4.8-beta2
4.8
4.8.1
4.8.2
4.8.3
4.8.4
4.9-beta1
4.9
4.9.1
4.9.2

5.*

5.0-beta1
5.0-beta2
5.0
5.0.1
5.0.2
5.1-beta1
5.1-beta2
5.1
5.1.1
5.1.2
5.1.3
5.2-beta1
5.2
5.2.1
5.2.2
5.2.3
5.2.4
5.3-beta1
5.3-beta2
5.3-beta3
5.3
5.3.1
5.3.2
5.3.3
5.4-beta1
5.4-beta2
5.4-beta3
5.4
5.4.1
5.4.2
5.4.3
5.5-beta
5.5-beta2
5.5-beta3
5.5
5.5.1
5.5.2
5.5.3
5.5.4
5.6-beta1
5.6-beta2
5.6
5.6.1
5.6.2
5.6.3
5.6.4
5.7-beta1
5.7
5.7.1
5.7.2
5.7.3
5.7.4
5.8-beta
5.8-beta2
5.8
5.8.1
5.8.2
5.8.3
5.9-beta
5.9
5.9.1
5.9.2
5.9.3

6.*

6.0-beta
6.0
6.0.1
6.0.2
6.0.3
6.1-beta
6.1
6.1.1
6.1.2
6.1.3
6.1.4
6.2-beta
6.2
6.2.1
6.2.2
6.2.3
6.2.4
6.3-beta
6.3
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
6.3.6
6.4-beta
6.4
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.5-beta
6.5
6.5.1
6.5.2
6.5.3
6.6-beta
6.6-beta2
6.6
6.6.1
6.6.2
6.6.3
6.6.4
6.7-beta
6.7-beta2
6.7
6.7.1-beta
6.7.1
6.7.2
6.7.3
6.8-beta
6.8-beta2
6.8-beta3
6.8-beta4
6.8
6.8.1
6.8.2
6.8.3
6.8.4
6.9-beta
6.9-beta2
6.9
6.9.1
6.9.2
6.9.3

7.*

7.0-beta
7.0-beta2
7.0
7.0.1
7.0.2
7.0.3
7.0.4
7.1-beta
7.1-beta2
7.1
7.1.1
7.1.2
7.1.3
7.1.4
7.2-beta1
7.2-beta2
7.2-beta3
7.2
7.2.1-beta1
7.2.1
7.2.1.1
7.2.2
7.2.3
7.2.4
7.3-beta1
7.3-beta2
7.3-rc
7.3.0
7.3.0.1
7.3.1
7.3.1.1
7.3.2
7.3.3
7.3.4
7.4-beta
7.4
7.4.1
7.4.2
7.4.3
7.4.4
7.5-beta
7.5-beta-2
7.5-beta-3
7.5-beta-4
7.5-beta-5
7.5-beta-6
7.5-beta-7
7.5
7.5.0.1
7.5.1-beta
7.5.1
7.5.2
7.5.3-beta
7.5.3
7.5.4
7.5.5
7.5.6
7.6-beta
7.6
7.6.1
7.6.2
7.6.3
7.7-beta
7.7-beta2
7.7
7.7.1
7.7.2
7.7.3
7.7.4
7.7.5
7.8-beta
7.8-beta2
7.8
7.8.1
7.8.2
7.8.3
7.9-beta
7.9-beta2
7.9-beta3
7.9
7.9.1
7.9.2
7.9.3

8.*

8.0-beta
8.0
8.0.1
8.0.2
8.1-beta
8.1
8.1.1
8.1.2
8.1.3
8.2-alpha
8.2-beta
8.2-beta2
8.2
8.2.0.1
8.2.1
8.2.2
8.2.3
8.2.4
8.2.5
8.3-beta1
8.3-beta2
8.3
8.3.1
8.3.2
8.4-beta
8.4
8.4.1
8.4.2
8.4.3
8.4.4
8.5-beta
8.5
8.5.1
8.5.2
8.6-beta
8.6-beta2
8.6
8.6.1
8.6.2
8.6.3
8.7-alpha
8.7-beta
8.7
8.7.0.1
8.7.1
8.7.2
8.7.3
8.8-alpha
8.8-beta
8.8-beta2
8.8
8.8.1
8.8.2
8.8.3
8.8.4
8.9-beta
8.9-beta2
8.9
8.9.1
8.9.2
8.9.3

9.*

9.0-beta
9.0
9.0.1
9.0.2
9.0.2.1
9.0.3
9.0.4
9.1-beta
9.1
9.1.1
9.1.2
9.2-beta
9.2-beta2
9.2
9.2.1
9.2.2
9.2.3
9.3-beta
9.3
9.3.1
9.3.2
9.3.3
9.3.4
9.4-beta
9.4
9.4.1
9.4.2
9.4.3
9.5-beta
9.5
9.5.1
9.5.2
9.5.3
9.5.4
9.6-beta
9.6
9.6.1
9.6.2
9.6.3
9.7-beta
9.7-beta2
9.7
9.7.1
9.7.2
9.8-beta