CVE-2023-2996

Summary

The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.

Affected Software

VendorProductVersion RangeStatus
UnknownJetpack1.9 < 2.0.9affected
UnknownJetpack2.1 < 2.1.7affected
UnknownJetpack2.2 < 2.2.10affected
UnknownJetpack2.3 < 2.3.10affected
UnknownJetpack2.4 < 2.4.7affected
UnknownJetpack2.5 < 2.5.5affected
UnknownJetpack2.6 < 2.6.6affected
UnknownJetpack2.7 < 2.7.5affected
UnknownJetpack2.8 < 2.8.5affected
UnknownJetpack2.9 < 2.9.6affected
UnknownJetpack3.0 < 3.0.6affected
UnknownJetpack3.1 < 3.1.5affected
UnknownJetpack3.2 < 3.2.5affected
UnknownJetpack3.3 < 3.3.6affected
UnknownJetpack3.4 < 3.4.6affected
UnknownJetpack3.5 < 3.5.6affected
UnknownJetpack3.6 < 3.6.4affected
UnknownJetpack3.7 < 3.7.5affected
UnknownJetpack3.8 < 3.8.5affected
UnknownJetpack3.9 < 3.9.9affected
UnknownJetpack4.0 < 4.0.6affected
UnknownJetpack4.1 < 4.1.3affected
UnknownJetpack4.2 < 4.2.4affected
UnknownJetpack4.3 < 4.3.4affected
UnknownJetpack4.4 < 4.4.4affected
UnknownJetpack4.5 < 4.5.2affected
UnknownJetpack4.6 < 4.6.2affected
UnknownJetpack4.7 < 4.7.3affected
UnknownJetpack4.8 < 4.8.4affected
UnknownJetpack4.9 < 4.9.2affected
UnknownJetpack5.0 < 5.0.2affected
UnknownJetpack5.1 < 5.1.3affected
UnknownJetpack5.2 < 5.2.4affected
UnknownJetpack5.3 < 5.3.3affected
UnknownJetpack5.4 < 5.4.3affected
UnknownJetpack5.5 < 5.5.4affected
UnknownJetpack5.6 < 5.6.4affected
UnknownJetpack5.7 < 5.7.4affected
UnknownJetpack5.8 < 5.8.3affected
UnknownJetpack5.9 < 5.9.3affected
UnknownJetpack6.0 < 6.0.3affected
UnknownJetpack6.1 < 6.1.4affected
UnknownJetpack6.2 < 6.2.4affected
UnknownJetpack6.3 < 6.3.6affected
UnknownJetpack6.4 < 6.4.5affected
UnknownJetpack6.5 < 6.5.3affected
UnknownJetpack6.6 < 6.6.4affected
UnknownJetpack6.7 < 6.7.3affected
UnknownJetpack6.8 < 6.8.4affected
UnknownJetpack6.9 < 6.9.3affected
UnknownJetpack7.0 < 7.0.4affected
UnknownJetpack7.1 < 7.1.4affected
UnknownJetpack7.2 < 7.2.4affected
UnknownJetpack7.3 < 7.3.4affected
UnknownJetpack7.4 < 7.4.4affected
UnknownJetpack7.5 < 7.5.6affected
UnknownJetpack7.6 < 7.6.3affected
UnknownJetpack7.7 < 7.7.5affected
UnknownJetpack7.8 < 7.8.3affected
UnknownJetpack7.9 < 7.9.3affected
UnknownJetpack8.0 < 8.0.2affected
UnknownJetpack8.1 < 8.1.3affected
UnknownJetpack8.2 < 8.2.5affected
UnknownJetpack8.3 < 8.3.2affected
UnknownJetpack8.4 < 8.4.4affected
UnknownJetpack8.5 < 8.5.2affected
UnknownJetpack8.6 < 8.6.3affected
UnknownJetpack8.7 < 8.7.3affected
UnknownJetpack8.8 < 8.8.4affected
UnknownJetpack8.9 < 8.9.3affected
UnknownJetpack9.0 < 9.0.4affected
UnknownJetpack9.1 < 9.1.2affected
UnknownJetpack9.2 < 9.2.3affected
UnknownJetpack9.3 < 9.3.4affected
UnknownJetpack9.4 < 9.4.3affected
UnknownJetpack9.5 < 9.5.4affected
UnknownJetpack9.6 < 9.6.3affected
UnknownJetpack9.7 < 9.7.2affected
UnknownJetpack9.8 < 9.8.2affected
UnknownJetpack9.9 < 9.9.2affected
UnknownJetpack10.0 < 10.0.1affected
UnknownJetpack10.1 < 10.1.1affected
UnknownJetpack10.2 < 10.2.2affected
UnknownJetpack10.3 < 10.3.1affected
UnknownJetpack10.4 < 10.4.1affected
UnknownJetpack10.5 < 10.5.2affected
UnknownJetpack10.6 < 10.6.2affected
UnknownJetpack10.7 < 10.7.1affected
UnknownJetpack10.8 < 10.8.1affected
UnknownJetpack10.9 < 10.9.2affected
UnknownJetpack11.0 < 11.0.1affected
UnknownJetpack11.1 < 11.1.3affected
UnknownJetpack11.2 < 11.2.1affected
UnknownJetpack11.3 < 11.3.3affected
UnknownJetpack11.4 < 11.4.1affected
UnknownJetpack11.5 < 11.5.2affected
UnknownJetpack11.6 < 11.6.1affected
UnknownJetpack11.7 < 11.7.2affected
UnknownJetpack11.8 < 11.8.5affected
UnknownJetpack11.9 < 11.9.2affected
UnknownJetpack12.0 < 12.0.1affected
UnknownJetpack12.1 < 12.1.1affected

Weaknesses

  • CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References