CVE-2015-9359

The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().

We have discovered 2,869 live websites that are affected by CVE-2015-9359.

Run a Free Instant Scan



Affected Software

Product  Jetpack
Category Widgets
Vulnerable Domains2,869 live websites (0.34% of Jetpack install base)
Vulnerable Versions
  • from 0 through 3.4.3
Vulnerable Versions Count26 versions ( 4.64% of all versions)



Details

  • Published - Aug 28, 2019
  • Updated - Aug 6, 2024

Website Distribution by Country

Number of websites using CVE-2015-9359
United States1,130 websites


Japan317 websites
Germany249 websites
France169 websites
GB112 websites
Italy100 websites
Netherlands67 websites
Spain63 websites
Russia63 websites
Canada58 websites

Website Distribution by TLD

Number of websites using CVE-2015-9359
.com1,542 websites
.net145 websites
.org132 websites
.de110 websites
.fr75 websites
.co.uk73 websites
.it68 websites
.jp60 websites
.ru51 websites
.nl51 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2015-9359

Top websites that are affected by CVE-2015-9359. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
******.********.net United States***,***
***********.com United States***,***
******.com Japan***,***
****.*****.de Germany***,***
****.*****************.com United States***,***
***********.com United States***,***
*****************.com Japan***,***
***********.it Italy***,***
****************.com United States***,***
**************.com United States***,***
See full domain list

FAQ

A total of 2,869 websites have been identified as vulnerable to CVE-2015-9359, based on global website indexing conducted by WebTechSurvey.
The Jetpack is affected by the CVE-2015-9359 vulnerability.
Jetpack versions up to and including 3.4.3 are vulnerable to CVE-2015-9359.