Jetpack 4.0.3 Patches a Critical XSS Vulnerability

Jetpack 4.0.3 is a security release that contains an important fix for a critical vulnerability that has been present in the plugin since version 2.0, released in 2012. According to Jetpack team member Sam Hotchkiss, a stored XSS vulnerability was found in the way that some Jetpack shortcodes are processed, which allows an attacker to insert JavaScript into comments to hijack a visitor’s browser.

visit WordPress Tavern

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: