Decade-old critical vulnerability in Jetpack patched on millions of WordPress websites

Jetpack. an extremely popular WordPress plugin that provides a variety of functions including security features for around five million websites, has received a critical security update following the discovery of a bug that has lurked unnoticed since 2012. Jetpack’s maintainers, Automattic, announced on Tuesday that it had worked closely with the WordPress security team to push out an automatic patch for every version of Jetpack since 2.0. The security hole is in Jetpack’s API and has been present since version 2.0 was released over a decade ago, in 2012. The vulnerability, which could allow…

This article has been indexed from Blog RSS Feed

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!