Security News > 2021 > June > WordPress force installs Jetpack security update on 5 million sites

WordPress force installs Jetpack security update on 5 million sites
2021-06-03 19:00

Automattic, the company behind the WordPress content management system, force deploys a security update on over five million websites running the Jetpack WordPress plug-in.

Automattic is force installing patched versions on all websites running vulnerable Jetpack versions, with most sites already having been updated.

Currently, download stats available on the WordPress Plugins site confirm that the security updates have been pushed to most if not all exposed websites.

Samuel Wood, another WordPress developer, added in October 2020 that Automattic used the forced security updates feature to push "Security releases for plugins many times" since WordPress 3.7 was released.

In 2019, Jetpack received a critical security update to fix a bug in the way the plug-in processed embed code.

A May 2016 critical security update patched a vulnerability in the way some Jetpack shortcodes were processed.


News URL

https://www.bleepingcomputer.com/news/security/wordpress-force-installs-jetpack-security-update-on-5-million-sites/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 93 44 18 157