If you are using the most popular Jetpack plugin by Automatic, then you should update Jetpack now !!!. Yesterday, Automatic released a new update for Jetpack, which includes some security updates, improvements, and bug fixes. We strongly recommend you to upgrade your sites to the latest version of JetPack as soon as possible.
Security Update:
Automatic team has released some security updates:
- Likes: They have fixed an XSS vulnerability in the Liked module.
- REST API / Contact form: Fixed the contact form to ensure that submitted feedback forms are not publically available via the REST API.
- Post By Email: They have added an extra security feature to prevent unauthorized changes to Post By email settings.
Bug Fixes:
- The developer team has fixed a bug in the comment section where the comment form language was always set to English instead of the language used on the site. The have updated this to use the language set on the site.
- They have also updated Custom CSS module to handle slashes and quotes properly when saving your CSS in this module.
Improvements:
The developers have made a few improvements to the connection process when linking the JetPack site to WordPress.com and also updated their debug process. Few improvements include the following
- Multi – site: They have improved the JetPack connection management in Jetpack’s network admin for the multi-site.
- Protect: Increase the default timeout to 30 seconds and added a few filter jetpack_protect_connect_timeout, – to allow further customization of the Protect timeout from this default.
- Photon: Auto generate additional srcset option, to improve responsive image support, etc.
Jetpack UI Improvements:
The developer has added a contact form in the admin that links directly to our Jetpack Support Team.
Download Plugin: Click Here
There are many other bug fixes and improvements. To check out the full changelog, visit the plugin’s page.