From birth, Mike Stott, a true entrepreneur, literally couldn’t wait to start tackling challenges. He joined Jetpack in a less-than-conventional way and now spends each day serving fellow entrepreneurs by developing the tools they need to succeed on WordPress.
See how he turned a passion into a career, the surprising reason he had to rebrand his most famous product, and just how little his family actually knows about his job.
Continue reading → Meet Mike Stott: Jetpack CRM’s Eager Entrepreneur
There’s not much better than world-class security and analytics tools in a single plugin. But wouldn’t it be fantastic if all of these things were available on an app so you could access them on the go?
Announcing the new Jetpack mobile app, now available for iOS and Android — hooray! This robust app brings all of your favorite essential Jetpack features to your mobile device. Receive important notifications, keep tabs on site activity, restore a backup if necessary, scan for malware, view valuable site stats, and access other Jetpack features you love, anytime and anywhere.
The app supports WordPress sites with Jetpack enabled and an account connected to WordPress.com.
To download the mobile app, click the buttons below or enter your email to get a link on your mobile device.
Continue reading → Jetpack from Anywhere: The Mobile App is Here
Moving your WordPress site to a new host or server can seem daunting, but it’s sometimes necessary. The internet can seem like everything’s just floating out in space, but when you get down to the nitty gritty, your WordPress website files actually have to physically live somewhere. A hosting company’s job is to store your files and database so that your site can be accessed by anyone from any location around the world.
Ideally, your website can live happily at your hosting company forever and you never have to give the physical files any thought. But there may come a time when you want to move your website. Let’s take a look at a few reasons you might need to migrate to a new host and how you can do this easily.
Continue reading → How to Migrate Your WordPress Site (to a New Host or Server)
During an audit of the Motor theme (full name “Motor – Cars, Parts, Service, Equipments and Accessories WooCommerce Store” by Stockware) for WordPress, we found a number of rather severe vulnerabilities.
These vulnerabilities would allow an unauthenticated attacker complete read access to files on the file system of the site host, and would also allow them to run any PHP scripts found in the file system. We did not identify any upload vulnerabilities in the Motor theme, but paired with other vulnerable plugins this could allow for a complete takeover of the vulnerable site.
We disclosed these vulnerabilities to the theme store who then contacted the theme vendor with our findings. A fixed version of the theme was released as version 3.1 on June 3, 2021. We encourage everybody using this theme to upgrade to the latest version immediately!
Continue reading → Vulnerabilities Found in Motor WordPress Theme < 3.1
Back on April 20th, 2021, our friends at WPScan reported a severe vulnerability on Kaswara Modern VC Addons, also known as Kaswara Modern WPBakery Page Builder Addons. It is not available anymore at Codecanyon/Envato, meaning that if you have this running, you must choose an alternative.
This vulnerability allows unauthenticated users to upload arbitrary files to the plugin’s icon directory (./wp-content/uploads/kaswara/icons). This is the first Indicator Of Compromise (IOC) our friends at WPScan shared with us in their report.
The ability to upload arbitrary files to a website gives the bad actor full control over the site, which makes it hard to define the final payload of this infection; thus, we’ll show you everything we found so far (we got a little carried away on the research, so feel free to jump to the IOC section if you don’t want to read through).
Continue reading → Vulnerable Kaswara Modern WPBakery Page Builder Addons Plugin Being Exploited in the Wild
At Jetpack, we are continuously working to develop a better product for you and your website. This month, we bring the popular Story Block to the web editor, a feature previously exclusive to mobile. This release also includes a fix for a security vulnerability for the Carousel feature.
We consequently encourage you to update all sites that you administer as soon as possible.
Continue reading → Jetpack 9.8: Engage your audience with WordPress Stories