Recently the Jetpack team found some infected files in one of our hosted customers’ sites, and quickly traced the source of infection back to the Workreap theme by Amentotech. We started an investigation and uncovered a number of vulnerable AJAX endpoints in the theme; the most severe of these was an unauthenticated unvalidated upload vulnerability potentially leading to remote code execution and a full site takeover.
We reported the vulnerabilities to the Amentotech team via the Envato Helpful Hacker program, and the issues were addressed promptly by them. Version 2.2.2 of the theme was released on June 29, 2021 that fixes the found vulnerabilities.
Due to the seriousness of the vulnerabilities, we highly recommend all users of the Workreap theme to upgrade to version 2.2.2 or later as soon as possible.
Download the upgrade from the theme website and install it manually, or upgrade automatically via the Envato market plugin.
Continue reading → Multiple vulnerabilities in Workreap theme by Amentotech
At Jetpack, we are continuously working to develop a better product for you and your website. This month, we bring the popular Story Block to the web editor, a feature previously exclusive to mobile. This release also includes a fix for a security vulnerability for the Carousel feature.
We consequently encourage you to update all sites that you administer as soon as possible.
Continue reading → Jetpack 9.8: Engage your audience with WordPress Stories
One of the greatest benefits of WordPress is its extendability — there’s a plugin for nearly any task you could imagine so you can build a website that accomplishes anything that you want.
Does this mean you should load up on plugins? No. The more plugins you have, the slower your site loads, which negatively impacts your visitors’ experience. And some plugins can conflict with one another or with your theme, leading to errors or downtime.
That’s why Jetpack is a great option for WordPress sites: with dozens of tools in a single plugin, it provides a ton of functionality without weighing down your site.
Continue reading → What Does the Jetpack Plugin Do?
If you own a WordPress agency and could automate critical service tasks for your clients, you’d be better positioned for expansion and growth. Sounds great, right? But it’s a lot easier said than done.
Web design company FreshySites is doing exactly this with the help of Jetpack. They’ve built over 1,900 websites and actively manage about 1,200. Yet they’ve found a way to reduce the person-power required to deliver more services for an increasing number of clients.
With a small team, they’re completing more tasks for more clients. Let’s see how they do it.
Continue reading → How WordPress Agency FreshySites Uses Jetpack to Scale
One of WordPress’s biggest benefits is plugins, which let you expand your site’s functionality to meet your exact needs. There are no limits to the type or number of plugins you can install and activate on your WordPress website — there are currently thousands available in the WordPress repository.
But with this unlimited flexibility comes responsibility, since each new plugin introduces its own set of potential issues, from site slowdowns to crashes and compatibility issues. With a little knowledge and a little Jetpack, you can resolve the three most common challenges — or prevent them from happening in the first place.
Continue reading → How to Avoid Common WordPress Plugin Problems with Jetpack
Jetpack 7.9.1 contains a critical security update. You should update all sites that you administer as soon as possible.
Continue reading → Jetpack 7.9.1: Maintenance and Security Release
In today’s digital world, your online presence can end up being the lifeblood of your business. This is why it’s imperative that your site is continuously up and running, and that you mitigate its downtime.
To do so, it’s wise to get started with uptime monitoring to ensure that your website is available and accessible at all times. And Jetpack has a useful uptime monitoring solution for you, and it’s available for free.
Today, we’ll learn why uptime monitoring is crucial for every WordPress website owner, and how using it can even save you money. You’ll come away understanding just how easy it is to get uptime monitoring notifications sent to your email address, as well.
Continue reading → The Importance of Uptime Monitoring With Jetpack
Looking for a way to add an extra layer of protection to your site security? Two-factor authentication (2FA) might be your best bet. 2FA can be used along with your traditional login credentials to make it even harder for unauthorized users to log into your account (even if they have your password).
Let’s review why enabling 2FA will benefit your site security, and how it can stop hackers in their tracks.
Continue reading → Use Two-Factor Authentication to Make Your Site More Secure
The AV-TEST Institute estimates that more than 250,000 new forms of malware attacks are created every day. If your site isn’t secured, one of these hundreds of thousands could end up targeting your WordPress website.
Given how common malware is, it’s important to understand exactly what it is and how to stop it from wreaking havoc on your site.
Today, we’ll define malware, discuss the most common types, and explain how to prevent malware with the help of Jetpack.
Continue reading → How to Prevent Malware with Jetpack