Jetpack plugin allows an attacker to bypass access controls and publish posts to any website hosted on the blogging platform. Jetpack is one of the most widely used WordPress plugins for self-hosted installations. No proof that the vulnerability has been used in the wild, but the only sure fix is to update the plugin with the latest version 2.9.3, which is the latest – patched – version of the plugin. No explanation given as to why the vulnerability wasn’t discovered sooner than last year.”]