Forced Update

featured article

Open Secrets: Forced Updates in WordPress

Photo of author
Dan Knauss
FeaturesMake WordPress
Two weeks ago, Robert Rowley did a detailed post-mortem analysis for Patchstack of a severe vulnerability in Ninja Forms. Chloe Chamberland at Wordfence had identified and also described it in detail the day before. Both Robert, Chloe, and Sarah Gooding…
Latest articles

Coordinated plugin updates to address security vulnerability in many popular WordPress plugins

Photo of author
Brian Krogsgard
The common vulnerability that triggered a coordinated plugin update of many popular plugins this morning is caused by a lack of escaping of two WordPress functions, add_query_arg() and remove_query_arg(). It appears it was a common misunderstanding that the functions needed…
A2 Hosting
Gravity Forms