The Jetpack 7.9.1 critical security update has been released to prevent potential attacks that could abuse a vulnerability that has existed since Jetpack 5.1. The vulnerability was found in the way Jetpack processed embed code and Adham Sadaqah was the one credited for responsibly disclosing the security issue. Over four million out of the more than five million WordPress websites that use Jetpack have already been updated according to its entry on the WordPress Plugins site. The plugin has over 5 million active installations and it was developed and it is currently maintained by Automattic.
Source: https://www.bleepingcomputer.com/news/security/millions-of-sites-exposed-by-flaw-in-jetpack-wordpress-plugin/