CVE-2022-4497 — CVSS 5.4 (medium): The Jetpack CRM WordPress plugin before 5.5 does not validate and escape some of its shortcode attributes before outputting them back in…
CVE-2022-3919 — CVSS 4.8 (medium): The Jetpack CRM WordPress plugin before 5.4.3 does not sanitise and escape its settings, allowing high privilege users such as admin to…