WordPress plug-in flaw puts over 1 million websites at risk
"Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks.
Jetpack is a popular plug-in that offers free website optimisation, management and security features. It was developed by Automattic, the company behind WordPress.com and the WordPress open source project, and has over 1 million active installations.
Researchers from web security firm Sucuri have found a stored cross-site scripting (XSS) vulnerability that affects all Jetpack releases since 2012, starting with version 2.0.
• Microsoft ends common password use and password lockout
• CIOs list organised cyber crime as the biggest threat
• IT professionals are feeling less job stress, survey suggests
• Do you think a robot could replace your job?
• WordPress plug-in flaw puts over 1 million websites at risk
• What's really new in SharePoint 2016?
• European data protection supervisor adds voice to criticism of Privacy Shield
• Government competition chiefs demand fairer use terms for cloud storage customers
• US nuclear arsenal controlled by 1970s computers with 8in floppy disks
• And finally…34% of Brits willing to sacrifice their online safety for weight loss