If you’re using Caldera Forms, there’s…

ByBrian Krogsgard Posted onMay 27, 2016

Security

If you’re using Caldera Forms, there’s a security update out for it (although the WordPress security team is pushing an auto update).

WordPress 3.5.2 released (maintenance and security release)

ByBrian Krogsgard June 21, 2013January 31, 2015

WordPress 3.5.2 has just been released. As this is a maintenance and security release, there is no reason not to update right away. The releases fixes some fringe vulnerabilities and minor bugs.

Make WordPress | Planet | Security | WordPress News

Jetpack receives a forced update

ByDavid Bisset June 4, 2021September 7, 2021

A little force push can come in handy sometimes. But with great power comes great responsibility. How should forced updates in WordPress be used?

Notes | Planet | Security

Pentesting as Contributing

ByDan Knauss August 8, 2022August 17, 2022

Robert Rowley at Patchstack explains what I believe is the first-ever reported vulnerability in Gutenberg (the plugin, not in WordPress core) to make the National Vulnerability Database. Robert has opened an issue for discussion in the Gutenberg GitHub repo that has a good quick summary of the vulnerability. It appears to be only a theoretical…

Security

WordPress 4.7.2 shipped today with security…

ByBrian Krogsgard January 26, 2017

WordPress 4.7.2 shipped today with security updates. All three updates require existing administrative access, so don’t seem to have a super high risk profile compared to publicly exposed areas. You should’ve already gotten automatic update notices for your websites — a thing that still delights me.