|Security Issue:||JetPack Vulnerability – critical update|
|Status:||Update has been released- users should be using 3.7.1 or higher.|
|Who is impacted?||WordPress websites using the Jetpack plugin lower than version 3.7.1.|
Last week (October 1), Sucri released a Public Disclosure of Vulnerability concerning a cross-site scripting vulnerability affecting the Jetpack plugin for WordPress. The vulnerability affects users through the contact form module present in the plugin.
All JetPack Users Should Update
All users of the Jetpack plugin are advised to immediately upgrade. The latest available version is Jetpack version 3.7.2.