CVE-2022-50958

Name of the Vulnerable Software and Affected Versions Jetpack version 9.1

Description A reflected cross-site scripting issue allows unauthenticated attackers to inject malicious scripts into victim browsers. This is achieved by manipulating the post id parameter within the "grunion-form-view.php" endpoint, enabling the execution of arbitrary JavaScript.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.