Apparently, jetpacks are dangerous for more than the obvious reason. It was announced yesterday that the popular WordPress plugin, Jetpack was discovered to have a security hole that allows a serious Cross-Site Scripting (XSS) vulnerability to be injected. This security hole is a high-level threat and effects any Jetpack installation up to and including version 3.7.
Please check your plugins directory and update Jetpack to the current patched version immediately.
Unlike many other XSS attacks, this one is an especially nasty Stored XSS vulnerability. It allows code to be injected into a web server through the exploited plugin. When a user then logs into your site it allows the malicious code to have the ability to compromise that user. If you are a Cinch customer, your site has already been evaluated and updated as needed.
On the lighter side of the web, there is this.
