Jetpack 3.9.5 was released yesterday with compatibilities for the upcoming WordPress 4.5 release and a handful of enhancements/bug fixes. Shortly after issuing the routine maintenance update, the Jetpack team began receiving reports of random, unwanted videos being added to the comments of posts. Any number string in the comments was automatically converted into a Vimeo video.
No, this bug was not an April Fool’s Day prank, although it seemed like it. As a temporary fix, support representatives recommended that users deactivate the Shortcode Embeds module.
We’re aware of an issue with numbers in comments embedding random Vimeo videos and are working to get 3.9.6 out as a fix ASAP.
— Jetpack (@jetpack) March 31, 2016
The Jetpack team scrambled to fix the rather humorous and annoying bug, which had been introduced while fixing another Vimeo bug. A few hours later they shipped 3.9.6 on the heels of the maintenance release. Users who updated to 3.9.5 right away will need to update again in order to avoid running into this bug.
Well, as a website administrator I can tell you that it was a pretty scary bug – I thought we were being hacked!
I’m glad that the issue was fixed so quickly. Only a few of my website readers experienced it.