Medium severity5.4NVD Advisory· Published Apr 24, 2024· Updated Apr 28, 2026

CVE-2023-47774

Description

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7.

Affected products

Automattic/Jetpack
cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:*
Range: <12.7

Patches

3110525f2dea

https://github.com/automattic/jetpackvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

patchstack.com/database/vulnerability/jetpack/wordpress-jetpack-plugin-12-7-contributor-iframe-injection-vulnerabilitynvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000