At the end of November, a flaw was detected in the WordPress Jetpack plugin affecting millions of sites, exposing them to threats and potential attacks . The problem has been detected from version 5.1 up and the first version to which it is recommended to update the plug-in is Jetpack 7.9.1: you can update or manually download the release. By sticking to outdated versions of the plug-in you risk that your site is vulnerable: do you understand how important updates are?
What happened with Jetpack?
Jetpack is one of the most popular WordPress plugins and boasts more than 5 million activations. It provides a wide range of services to protect the security of your application such as site backup, secure logins, malware scans and protection from attacks.
The flaw was detected in the way Jetpack processes embed code but fortunately no hackers or viruses discovered the vulnerability prior to the release of Jetpack 7.9.1. With this latest update, it will probably only be a matter of time before anyone attempts to undermine the security of your application if stopped at an earlier Jetpack version. For this reason, in addition to recommending the update to 7.9.1, the developers and the WordPress security team have worked together to patch up the flaw in the plugin from 5.1 onwards . Many sites have already been updated to the secure version, or will soon be, as reported on the official website .
The news caused a sensation everywhere, especially because WordPress is the most used CMS by users: at the beginning of 2019, over 30% of sites use WordPress, as we can read from a study conducted by the famous CMS. The latest release, WordPress 5.3, has already been downloaded about 20 million times: this highlights the user base of the CMS and the negative consequences of a wrong plugin installed on all those sites.
The importance of updates
Taking the Jetpack case, we understand the importance of updates: they provide you with greater safeguards not only from the point of view of security, but also from the point of view of performance : whether we are talking about plug-ins, PHP, WordPress itself.
Updating is essential for your site and for your business.
Why update WordPress?
The success of WordPress is unstoppable and the millions of sites created using this CMS are proof of this.
Success, however, can be a double-edged sword, and due to the wide use of the platform, there are several attacks that have hit WordPress over the years. The Jetpack case is the latest, but in the past hackers attempted to hide fake plug-ins in plain sight or when certain sites were scammed.
If the advantage of working with an open source CMS like WordPress is flexibility, the disadvantage is the vulnerability in terms of security: it is easier for a hacker to spot flaws in open source code than in proprietary code. Precisely for this reason, the WordPress community and developers are always attentive and ready to release new versions to fix the various bugs identified.
To avoid damage related to your business or your image, and to guarantee optimal performance, your WordPress site needs constant updates on various levels: from the CMS itself, to the theme, to the plug-ins, up to PHP , the language programming tool used to write sites in WordPress. Obviously the PHP update takes place at a lower rate than the CMS: the latest version released by WordPress is 5.3 and the latest version of PHP is 7.4, recently made available.
We recommend that you update all components in order to get the most benefit :
- WordPress : updated to the latest version, 5.3, brings improvements both in terms of security and performance;
- Choice of theme : a wrong theme, as well as being counterproductive from an aesthetic point of view for your site, could be too heavy or badly organized and this would affect the performance;
- Choice of plug-ins : there is a wide range of plug-ins to choose from, it is important to focus on those that bring real benefits to your business, such as those relating to SEO optimization or the security of your application;
- Choice of PHP : updating the programming language to the latest version, currently 7.4, brings benefits both in terms of code readability and performance optimization, as we have analyzed in the article relating to the latest minor release .
Updating the various levels of WordPress is convenient: you can easily integrate new features and plug-ins to existing ones, without overturning the HTML code: flexibility is one of the greatest advantages of an open source CMS.
Updates are essential, especially when it comes to the safety and security of your site: very often in fact, new versions are released not only to improve but also to fix any bugs of the previous one.
Before updating, we recommend that you make a security backup , so that you can restore the situation in the event of a problem or incompatibility.
The site is your business card: by making it secure and optimizing it for a better user experience, you will be able to attract more traffic with the probability of converting visitors into customers.
