Jetpack WordPress Plug-in API Bug Triggers Mass Updates

  /     /     /  
Publicated : 23/11/2024   Category : security


Jetpack WordPress Plug-in API Bug Triggers Mass Updates


An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 — and it affects millions of websites.



Jetpack, a WordPress plug-in for boosting website security and speed has issued a critical update following a routine audit that turned up a security vulnerability in its API.
Jetpack issued an advisory this week, noting, This vulnerability could be used by authors on a site to manipulate any files in the WordPress installation.
The
WordPress plug-in
has been downloaded more than 5 million times, and according to
Jetpacks security update
, has included the critical API flaw since its 2.0 version was released back in 2012.
The most up-to-date version is Jetpack 12.1.1.
Jetpack added that there is no evidence the
API bug
has been exploited in the wild, but its pushing patches out to millions of affected websites, in the form of 102 new versions. 
To help you in this process, we have worked closely with the WordPress.org Security Team to release patched versions of every version of Jetpack since 2.0, the update said. Most websites have been or will soon be automatically updated to a secured version.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Jetpack WordPress Plug-in API Bug Triggers Mass Updates