A Zero-Day vulnerability in Wordpress Jetpack plugin

Updated November 23, 2019 14:34

Situation

A Zero-Day vulnerability has been discovered in the Jetpack plugin in Wordpress

The vulnerability in the Jetpack plugin which is able to process embed code:
https://jetpack.com/2019/11/19/jetpack-7-9-1-maintenance-security/

The JetPack plugin was updated on November 19, 2019. Wordpress Toolkit will automatically install Jetpack update if auto-updates are enabled.

If auto-updates are disabled it is required to update the Jetpack plugin manually as soon as possible to the 7.9.1 version or higher.

To find the Wordpress instances with installed JetPack plugin use the following solutions:

Log in to Plesk
Go to Wordpress > Plugins and type in search field "Jetpack". It will show all the websites with Jetpack installed and information about the installed version:

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request