Jetpack Critical Security Vulnerability

jetpack

Today a critical vulnerability was found in one of the most popular and widely used WordPress plugins - Jetpack. Fortunately, according to the plugin authors there is no evidence that this issue has been used to hack real sites. However, an update of the plugin was released - Jetpack 4.0.3.

As usual, our security team was pro-active and updated our WAF (web application firewall), adding rules to prevent the hack from being used. This means that even if your plugin is not updated to the latest version, your site will still be protected. However, we urge all Jetpack users to update the plugin to its latest version in which the vulnerability is patched.

Product Development - Technical

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

6 Comments

  1. Reply May 28, 2016 / 00:15 Samuel A KingSiteGround Team

    Thanks for the update guys. But now your firewall prevents me from updating my plugins, akismet from checking spam and all other jetpack functions from working.

    Pls advise

    • Reply May 28, 2016 / 01:42 Hristo PandjarovSiteGround Team

      I think that's another issue and it's a simple coinsidense that it happened at the same time the post was published. I've just tested again everything you mentioned and didn't experience any issues whatsoever. Please, post a ticket in your Help Desk and our support team will assist you.

  2. Reply June 3, 2016 / 16:22 PerrySiteGround Team

    Good to hear that the plug-in author and site ground techs are "on to it."

  3. Reply June 21, 2016 / 10:32 Thanapol RakthamSiteGround Team

    My site at smartfinder asia is safe despite using jetpack.

  4. Reply June 24, 2016 / 04:53 vickya4nSiteGround Team

    Thanks for the update guys. But now your firewall prevents me from updating my plugins, akismet from checking spam and all other jetpack functions from working.

    • Reply June 27, 2016 / 03:14 Marina YordanovaSiteGround Team

      Hello, could you please post a ticket from your HelpDesk about this issue? Our techs will be glad to assist you further.

Reply

* (Required)