One of the most popular WordPress site optimization plugins, Jetpack, reportedly carried a major vulnerability for years which allowed people to access other people’s submitted content.

The company that manages the plugin, Automattic, discovered the vulnerability during an internal audit recently, and released fixes for all vulnerable versions. Users are advised to apply the fix immediately, since there is no workaround and since crooks will probably now try to take advantage of the bug.