Jetpack at Risk of Hacking, Update Now

Sucuri just released a security advisory about the popular WordPress plugin Jetpack, now in use on over 1 million sites. The security problem is only with the Shortcode Embeds module, so if this isn’t actively running on your site you’re not at risk for this issue (but you should update anyway!).

Here’s information from Jetpack developers about the problem.

The XSS (cross-site scripting) vulnerability “could allow an attacker to hijack administrator accounts, inject SEO spam to an affected page, and redirect visitors to malicious websites,” says Sucuri.

If you’re a WP Minder client, you’ve already been updated so no need to worry.