XSS vulnerability in WordPress plugin Jetpack

The popular WordPress plugin Jetpack, which provides owners of self-hosted WordPress installations with the functions of the WordPress.com platform and thus improves the performance of the respective sites, …

from | June 2, 2016 | Homepage / Website (CMS), IT blog, IT security

The popular WordPress plugin Jetpack, which makes the functions of the WordPress.com platform available to owners of self-hosted WordPress installations and thus improves the performance of the respective sites, has a cross-site scripting vulnerability with which malicious code can be injected into the blogs via the comment function is smuggled in. This is a so-called stored XSS attack in which visitors' computers can be attacked. Only WordPress installations that have Jetpack installed and shortcode embedding enabled are affected.

The gap has been closed in the current version 4.0.3 of the plugin. We therefore strongly recommend updating to the latest version of Jetpack.

a

To the side...

CMS / website
IT security

a

Text sources & links

Here you can find more information about the gap and the patched version:
jetpack.com

Would you like to receive an offer?

Then inform us about your requirements, describe your ideas to us and one of our employees will carry out an initial consultation with you.

We will then present you with a rough concept and a non-binding, detailed cost offer.

Tel: 43 1 8698400

Email: office@iphos.com

    [hidden _referer_page]

    Company

    A strong international company - for the best IT solutions. Iphos IT Solutions offers its customers a full service in the areas of EDV / IT / ITSM, software development & web. – Faster, more cost-efficient & more competent.

    IT infrastructure

    As a holistic & sustainable service provider, we offer top IT solutions for maintenance, consulting, networks, Exchange, Linux & Windows servers and much more

    Software Development

    State-of-the-art software development from Vienna: as a sustainable & holistic IT company, we work on your best individual solution in the areas of application development, mobile software development, interface development & database development.

    Web development

    Web development rethought: We develop intranets & extranets, websites, e-commerce, online tariff calculators, newsletter systems & offer classic services such as SEO, SEM, etc. So that your business runs better.

    Iphos IT Solutions GmbH

    +43 (0)1 869 84 00

    office@iphos.com

    Khekgasse 35, 1230 Vienna, Austria