/i/2004395166.png?fit=%2C&ssl=1)
Developer Automattic is forcibly rolling out a security update to WordPress plugin Jetpack to fix a vulnerability in the carousel feature. It is not clear what kind of vulnerability this is.
The vulnerability was discovered in the carousel function of the plugin according to Bleeping Computer. Furthermore, the developer does not specify what kind of vulnerability it is and what the risks of the vulnerability are. As far as we know, the vulnerability has not been exploited.
Automattic installs the patch on more than five million WordPress sites. These are all WordPress sites that have Jetpack 2.0 or a later version installed. The update will be installed automatically.
This isn’t the first time WordPress has used the ability to force an update to install. The security team of the content management system has already installed updates automatically several times to close security holes.
The Jetpack update patch notes contain a staat actual list with updated versions of the plugin.
–
