WordPress Jetpack Emergency Update

If you are running Jetpack plugin on your WordPress site, then you should update it right away, this is due to a critical security patch that has been released by Jetpack today. I just got an email from BlueHost telling me about this critical update and to notify me they will take care of updating all my sites (many thanks to them for this great effort).

In a recent security audit, Jetpack discovered a vulnerability in their plugin that would allow an attacker to bypass a site’s access controls and publish posts to your WordPress installation(s).

Over the next 24 hours we will be making every attempt to upgrade your Jetpack plugin(s) to the newest versions containing the security patch. The secure versions are 1.9.4, 2.0.6, 2.1.4, 2.2.7, 2.3.7, 2.4.4, 2.5.2, 2.6.3, 2.7.2, 2.8.2, and 2.9.3, depending upon the version(s) of WordPress installed. We strongly encourage you to check your plugin version(s) to make sure it is on the newest version. We also strongly recommend you update your WordPress installation(s) to the most current version 3.8.2.

You can do the update by yourself too (this is highly recommended). To do so, you just need to login to your WordPress dashboard, and do one click update for the plugin -if you see the update nag of course- or you can install the new update manually by downloading it from WordPress.org, here is the link for the Jetpack plugin.

You can read more about the Jetpack 2.9.3 Critical Security Update.

Stay safe!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.