Vulnerabilities > Automattic

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-18	CVE-2016-10762	Command Injection vulnerability in Automattic Camptix Event Ticketing The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used. network high complexity automattic CWE-77	7.5
2018-01-12	CVE-2016-10706	Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link. network low complexity automattic CWE-79	6.1
2018-01-12	CVE-2016-10705	Cross-site Scripting vulnerability in Automattic Jetpack The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module. network low complexity automattic CWE-79	6.1
2017-11-29	CVE-2017-17058	Path Traversal vulnerability in Automattic Woocommerce The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. network low complexity automattic CWE-22	7.5

Vulnerabilities > Automattic {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Automattic"}]}