• ResolvedModerator Steven Stern (sterndata)

    (@sterndata)


    Forum Moderator & Support Team Volunteer

    This just showed up in my mail, coming from no-reply@jetpack.com

    It looks like there are some content and formatting issues.

    Hi there,
    Recently, several vulnerabilities to remote attacks were discovered in the Meta Slider plugin. ||||||| .r213078
    
    Recently, several vulnerabilities to remote attacks were discovered in the ########### plugin.
Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Contributor James Huff

    (@macmanx)

    Volunteer Moderator

    Well that’s odd!

    That’s the right email, but there weren’t any formatting issues when it was sent. πŸ™‚

    What email app did you see that under?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    I read it in Thunderbird, but it looks like that on the underlying g-suite account. See https://i.imgur.com/GQfXSFo.png

    kbatdorf

    (@kbat82)

    Can you also share where to find more information about said vulnerabilities?

    If the email is legitimate, this is the first I’m hearing about it…

    – Kevin (from MetaSlider)

    Plugin Support fresatomica

    (@fresatomica)

    Hm @sterndata, could you share the URL of your site so we could have a closer look?

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic πŸš€

    @kbat82 Hi! πŸ‘‹

    The email is about the vulnerabilities that you fixed in version 3.17.2.

    Plugin Support fresatomica

    (@fresatomica)

    @sterndata, it seems that the error in the script for the email has been already found and corrected. Thanks for letting us know! πŸ™‚

    kbatdorf

    (@kbat82)

    Hi @jeherve

    I’d like contact you directly about this. The messaging in that email is very misleading and inaccurate. I’d like to clear it up. If possible, can you hold off on sending out similar emails until you hear from us? Most likely first thing in the morning USA time.

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic πŸš€

    @kbat82 As my colleague mentioned above, there was a mistake with the contents of the email, so it definitely won’t look that way from now on.

    Regardless, we’ll of course be happy to chat about this further with you. We should be able to explain when the emails are sent, to whom, and why. You can email us at support@jetpack.com about this.

    zimbo000

    (@zimbo000)

    I got a similar email as well. It referenced a test site of a live domain as running Meta Slider – which it is, but the whole test site is hidden from Google, not indexed at all, with every page “noindex, nofollow”. So how does Jetpack even know about this site and that it runs Meta Slider?

    And why is Jetpack sending emails about supposed vulnerabilities in other plugins?

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic πŸš€

    @zimbo000 You received this email because you use the paid version of the Jetpack plugin and its security features.

    As part of your plan, you also get priority support, so don’t hesitate to reach out if you have any questions about that specific site, or the email you received:
    https://jetpack.com/contact-support/?rel=support

Viewing 10 replies - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.