Threat Post

WordPress Jetpack Plugin Patched Against Stored XSS Vulnerability

The popular Jetpack WordPress plugin was updated this week in order to patch a critical stored cross-site scripting vulnerability. After a few critical bugs were recently discovered and patched in the ...
Searchenginejournal.com

WordPress Jetpack Now Available As Six Plugins

Automattic announced a modular approach to the all-in-one Jetpack that allows users to choose only the features they need. Automattic is the for-profit side of WordPress. Although they are for-profit ...
Bleeping Computer

Millions of Sites Exposed by Flaw in Jetpack WordPress Plugin

Admins and owners of WordPress websites are urged to immediately apply the Jetpack 7.9.1 critical security update to prevent potential attacks that could abuse a ...
Searchenginejournal.com

Jetpack Boost – A Web Vitals WordPress Plugin

Automattic has pre-released a plugin designed to tackle the hard work of achieving better Core Web Vitals scores. The plugin is currently in testing phase and not meant to be used on live production ...
Threat Post

Vulnerabilities Identified in Two WordPress Plugins

Two vulnerabilities in two different WordPress plugins – an Arbitrary Variable Overwrite vulnerability in eShop, and an XSS vulnerability in Jetpack – were identified this week. The last few months ...
Bleeping Computer

Hackers Find New Method of Installing Backdoored Plugins on WordPress Sites

Hackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected ...