What is the vulnerability | Vulnerable file found in the genericons package. Primarily included in the JetPack WordPress plugin and the Twenty-Fifteen theme. |
Who is affected? | Anyone using the WordPress JetPack plugin or Twenty-fifteen theme. InMotion has already taken steps to patch the vulnerability. |
The JetPack WordPress plugin and Twenty-fifteen themes include a DOM (Document Object Model) based cross-site scripting (XSS) vulnerability due to a file included with the genericons package found in the Twenty-Fifteen and JetPack installations. InMotion has provided a patch for this issue already, so the problem has already been addressed for our hosting service. If you wish to be doubly sure, simply remove the genericons/example file in your installation.
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!