Serious Vulnerability in WordPress Jetpack Plugin

Get your updates going as soon as possible, as this looks pretty serious!

This is a bad bug, and Jetpack is one of the most widely used plugins in the WordPress world. We have been working closely with the WordPress security team, which has pushed updates to every version of the plugin since 1.9 through core’s auto-update system. We have also coordinated with a number of hosts and network providers to install network-wide blocks to mitigate the impact of this vulnerability, but the only sure fix is updating the plugin.

So not only is that an issue, but if you haven’t done your part in protecting yourself from this week’s HeartBleed bug, which has scared the bejeezus out of the entire Internet, get yourself fixed up ASAP!

If you are lucky enough to have been using LastPass to manage your passwords, log in there and do a Security Check to find out which websites you frequent may be vulnerable to that bug. LastPass will also help you quickly change passwords as needed.

Good luck, citizens!

 

About Will Chatham

Will Chatham is an Information Security Analyst, OSCP, Ethical Hacker, and Penetration Tester at a federal data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.
Bookmark the permalink.

Leave a Reply