Attackers target new XSS in millions of WordPress sites Posted on May 7, 2015 by Dissent This vulnerability was found in a Twenty Fifteen plugin called JetPak. You all know what to do by now.