Software updates for plug-ins, themes and the core WordPress platform itself are issued not only to provide new and exciting functions, but also to protect your website from attack.
Underlining the seriousness of the issue, WordPress.com has disconnected anyone who hasn’t updated their Jetpack plug-in, according to eweek.com.
Jetpack is a popular plug-in which adds new functionality to WordPress sites. It has been installed on around 14 million websites worldwide.
Last Spring a vulnerability was discovered in Jetpack which could have allowed unauthorised access. Updates were issued but it appears that some people still have not updated their Jetpack version. To force the issue, WordPress has disconnected those sites with vulnerable Jetpack plugins from WordPress.com.
Since the software update was made available, WordPress has been working with hosting companies to protect all sites until each individual Jetpack installation was updated. However, this was never meant to be a long-term solution and have not been continued indefinitely.
It’s important to keep all your plug-ins updated. In December, around 100,000 WordPress sites were infected with malware through a vulnerability in a non-updated plug-in.