CVE-2016-10706

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link.

We have discovered 10,825 live websites that are affected by CVE-2016-10706.

Run a Free Instant Scan



Affected Software

Product  Jetpack
Category Widgets
Vulnerable Domains10,825 live websites (1.30% of Jetpack install base)
Vulnerable Versions
  • from 0 through 4.0.3
Vulnerable Versions Count72 versions ( 13% of all versions)



Details

  • Published - Jan 12, 2018
  • Updated - Sep 17, 2024

Website Distribution by Country

Number of websites using CVE-2016-10706
United States3,541 websites


Japan2,166 websites
Germany821 websites
France614 websites
GB388 websites
Italy353 websites
Russia283 websites
Netherlands238 websites
Spain226 websites
Canada199 websites

Website Distribution by TLD

Number of websites using CVE-2016-10706
.com5,643 websites
.net510 websites
.jp491 websites
.org486 websites
.de389 websites
.co.uk251 websites
.fr247 websites
.it238 websites
.ru224 websites
.nl175 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2016-10706

Top websites that are affected by CVE-2016-10706. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
***********.com United States**,***
******************.org Germany**,***
*********.com United States**,***
**********.com United States**,***
**********.com United States**,***
************.com Germany**,***
*******.dk Denmark**,***
********.com United States**,***
***********.com United States**,***
********.dk Denmark***,***
See full domain list

FAQ

A total of 10,825 websites have been identified as vulnerable to CVE-2016-10706, based on global website indexing conducted by WebTechSurvey.
The Jetpack is affected by the CVE-2016-10706 vulnerability.
Jetpack versions up to and including 4.0.3 are vulnerable to CVE-2016-10706.