https://www.bleepingcomputer.com/news/security/millions-of-sites-exposed-by-flaw-in-jetpack-wordpress-plugin/

Admins and owners of WordPress websites are urged to immediately apply the Jetpack 7.9.1 critical security update to prevent potential attacks that could abuse a vulnerability that has existed since Jetpack 5.1.

You can update your installation to the 7.9.1 version through your dashboard, or manually download the Jetpack 7.9.1 release here.