Automattic Jetpack Boost
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Automattic Jetpack Boost.
By the Year
In 2026 there have been 1 vulnerability in Automattic Jetpack Boost with an average score of 6.1 out of ten. Last year, in 2025 Jetpack Boost had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Jetpack Boost in 2026 could surpass last years number.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 6.10 |
| 2025 | 2 | 0.00 |
It may take a day or so for new Jetpack Boost vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Automattic Jetpack Boost Security Vulnerabilities
Jetpack 11.4 XSS in Contact Form via post_id enables script injection
CVE-2023-54332
6.1 - Medium
- January 13, 2026
Jetpack 11.4 contains a cross-site scripting vulnerability in the contact form module that allows attackers to inject malicious scripts through the post_id parameter. Attackers can craft malicious URLs with script payloads to execute arbitrary JavaScript in victims' browsers when they interact with the contact form page.
XSS
Jetpack WordPress Plugin XSS via regex in Site Accelerator (v<13.8, Boost<3.4.8)
CVE-2024-10076
- May 15, 2025
The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldnt, ultimately making it possible for contributor and above users to perform Stored XSS attacks
XSS
Arbitrary GET via wp_ajax_boost_proxy_ig in WordPress Boost Plugin
CVE-2024-6584
- May 15, 2025
The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs.
SSRF
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Automattic Jetpack Boost or by Automattic? Click the Watch button to subscribe.
