Vulnerabilities > Automattic

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-12	CVE-2016-10706	Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link. network low complexity automattic CWE-79	6.1
2018-01-12	CVE-2016-10705	Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module. network low complexity automattic CWE-79	6.1
2017-11-29	CVE-2017-17058	Path Traversal vulnerability in Automattic Woocommerce The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. network low complexity automattic CWE-22	7.5

Vulnerabilities > Automattic {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Automattic"}]}