WordPress Security Compromised Through Jetpack v3.7 or Older

hire-meIf you use WordPress for your website (WP self-hosted) make sure you always keep your plugins, themes, and WP itself updated. Right now it is especially important to make certain you have Jetpack updated. Even if it’s only installed and not active go ahead and update it or delete it.

Jetpack is a single plugin that gives you the most powerful WordPress.com features, hooking your self-hosted WordPress site to WordPress.com’s infrastructure to take advantage of robust stats, easy social sharing, and a whole lot more. http://jetpack.me/about/

Versions of Jetpack 3.7.0 and earlier are vulnerable to a cross-site scripting vulnerability in the contact form. When data is submitted using the contact form it isn’t properly scrubbed for known vulnerabilities. The newest versions, 3.7.1 and 3.7.2 do properly sanitize this input. Thanks to this discovery the security patch has been created and released. Please update all of your plugins, themes, and WP itself immediately.

If you need help phone 678-439-8683 or use the Contact Me form. Fees as low as $10.