JetPack and TwentyFifteen Vulnerable to DOM-based XSS

robertsonchris2014 · Member · May 7, 2015 at 9:15 pm
Copy link

Add topic to favorites
Hi,

Just wanted to inquire regarding updates to sites on wordpress.com. I don’t see any mention on the site that the above vulnerability has been resolved (i.e. wordpress.com updated to patch vulnerability).

I just wanted to find out if this has been resolved, for those sites running on wordpress.com.

The blog I need help with is: (visible only to logged in users)
jeremeylduvall · Member · May 9, 2015 at 5:34 pm
Copy link
For sites on WordPress.com, we removed the example file (the file that was vulnerable) in Twenty Fifteen and any other theme that included the same icon set. All is safe!

The topic ‘JetPack and TwentyFifteen Vulnerable to DOM-based XSS’ is closed to new replies.

Couldn't find what you needed?

Contact us

Get answers from our AI assistant, with access to 24/7 expert human support on paid plans.

Browse our guides

Find step-by-step solutions to common questions in our comprehensive guides.