Jetpack fixes critical information disclosure flaw existing since 2016
WordPress plugin Jetpack released a critical security update earlier today, addressing a vulnerability that allowed a logged-in user to access forms submitted by other visitors to the site.
Jetpack is a popular WordPress plugin by Automattic that provides tools to enhance website functionality, security, and performance. According to the vendor, the plugin is installed on 27 million websites.
The issue was discovered during an internal audit and impacts all Jetpack versions since 3.9.9, released in 2016.
See more: https://www.bleepingcomputer.com/news/security/jetpack-fixes-critical-information-disclosure-flaw-existing-since-2016/
https://thehackernews.com/2024/10/wordpress-plugin-jetpack-patches-major.html
#security #cybersecurity
Oddbean new post about login | logout