1-877-805-7475

Contact Us

Login

GET STARTED

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites.

The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0, which was released in November 2012.

“This vulnerability could be used by authors on a site to manipulate any files in the WordPress installation,” Jetpack said in an advisory.

102 new versions of Jetpack have been released to remediate the bug.

While there is no evidence the issue has been exploited in the wild, it’s not uncommon for flaws in popular WordPress plugins to be leveraged by threat actors looking to take over the sites for malicious ends.

In November 2019, Jetpack released version 7.9.1 to fix a defect in the way the plugin handled embed code that had existed since July 2017.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

Recent News

London Drugs closes all of its pharmacies following ‘cybersecurity incident’

2024-04-29

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

2024-04-25

Microsoft releases Exchange hotfixes for security update issues

2024-04-23

Synlab Italia suspends operations following ransomware attack

2024-04-22

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

2024-04-17

Cisco Duo provider breached, SMS MFA logs compromised

2024-04-16

Microsoft will limit Exchange Online bulk emails to fight spam

View more cybersecurity news →

Featured Services

017_03_Artboard 57

Web Application Penetration Testing

External Network Penetration Testing

017_03_Artboard 54

Internal Network Penetration Testing

Medical Device Penetration Testing

020_01_Artboard 85

Cloud Infrastructure Penetration Testing

013_Artboard 8

Enterprise
Cybersecurity Audit

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

VIEW MORE RECENT NEWS →

CONTACT US

Get in Touch With The Team

Whether you’re looking for more information on our services or simply have a general inquiry, our team remains at your disposal to answer any questions or provide guidance. 

A Vumetric expert will be in touch shortly to discuss further. 

4.9

4.9

5.0
This field is for validation purposes and should be left unchanged.

BUILD A QUOTE

RECEIVE YOUR QUOTE QUICKLY

What you will get in your detailed quote:

Activities

Including methodologies

Deliverables

Report table of content

Total cost

All-inclusive flat fee

More than 500 organizations received a quote from us in 2023

BOOK A MEETING

Schedule a Meeting With The Team

Looking for more details on how we can help or need guidance to determine the approach best suited for your organization? Plan a virtual meeting with a member of our team to discuss further without any engagement.

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

What happens next?

A Vumetric expert learns about your needs and objectives during a quick meeting.

A project scope is defined (target environment, deadlines, requirements, etc.)

020_01_Artboard 63

A detailed quote including all-inclusive pricing and statement of work is provided.

CONTACT US

Get in Touch With The Team

Whether you’re looking for more information on our services or simply have a general inquiry, our team remains at your disposal to answer any questions or provide guidance. 

A Vumetric expert will be in touch shortly to discuss further. 

4.9

4.9

5.0
This field is for validation purposes and should be left unchanged.

BUILD A QUOTE

RECEIVE YOUR QUOTE QUICKLY

What you will get in your detailed quote:

Activities

Including methodologies

Deliverables

Report table of content

Total cost

All-inclusive flat fee

More than 500 organizations received a quote from us in 2023

BOOK A MEETING

Schedule a Meeting With The Team

Looking for more details on how we can help or need guidance to determine the approach best suited for your organization? Plan a virtual meeting with a member of our team to discuss further without any engagement.

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

What happens next?

A Vumetric expert learns about your needs and objectives during a quick meeting.

A project scope is defined (target environment, deadlines, requirements, etc.)

020_01_Artboard 63

A detailed quote including all-inclusive pricing and statement of work is provided.

Have a Question?

CONTACT US
Got an Urgent Need?
1-877-805-7475

Stay Updated on Cyber Risks

Subscribe to the Vumetric Monthly Bulletin to keep up with breaking news in the cybersecurity industry.

This field is for validation purposes and should be left unchanged.
1-877-805-7475
Contact us
© 2024 Vumetric Inc. All Rights Reserved.
Twitter Linkedin-in Facebook-f Rss
Privacy Policy    |    Contact Us    |    About
2024 EDITION

PENETRATION TESTING Buyer's Guide

Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.
FREE DOWNLOAD

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.