WordPress 6.0.2 Security and Maintenance Release: WordPress.org’s Bug Bounty Program at Work
Ram Dall over at Wordfence has a good breakdown of three vulnerabilities patched in the WordPress 6.0.2 Security and Maintenance Release.
Features | Make WordPress | Planet | Security
Open Secrets: Forced Updates in WordPress
We’ve seen forced updates become increasingly common and less controversial over time. But who decides, and how is that decision made? Are there unofficial channels and processes, like a decision tree, for escalating to a forced update?
Business | Design | Hosting | Planet | Security | The Week in Review | WordPress News
Post Status Notes #490
Newfold acquires YITH, Hostopia. Wordfence stops FastOrSlow.com. DigitalOcean acquires CSS-tricks. Tips and tricks for WordPress devs.
Post Status Excerpt (No. 45) — The Block Protocol, Tumblr, and Complexity with Lesley Sim
What is the Block Protocol and why does it matter? What’s the significance of Matt taking over at Tumblr? And is WordPress way too complicated?
Business | Hosting | Planet | Post Status Podcasts | Security | The Excerpt
Post Status Excerpt (No. 44) — Small Wins with Small Plugins
Collins Agbonghama is the Founder of ProfilePress. He spoke with David about his recent success acquiring a plugin and breaking even in just four months.
Post Status Excerpt (No. 36) — Help Needed: WordPress Docs Team
Milana Cap tells David about the stark reality of the near-overwhelming workload facing the WordPress Documentation Team.
Post Status Excerpt (No. 28) — A WordPress Core Performance Team?
Cory and David talk about WordPress’s reputation relative to its performance and a new proposal for a Performance Team for WordPress core.
Post Status Excerpt (No. 19) — How Can New Developers Get Started In WordPress?
In this episode of Post Status Excerpt, David Bisset and Cory Miller talk about how new developers might be able to get a footing with a career in WordPress. (The first step might be more social than technical in nature.)
Wordfence reports that the official SendGrid…
Wordfence reports that the official SendGrid for WordPress plugin is vulnerable to authorization bypass if run in multisite. The plugin is no longer maintained and no longer downloadable from the plugin repo, but it is reported to have 100,000+ active installs. 🔓 Hat tip to Prashant Baldha who digs deeper into the vulnerability on his…
Footnotes #456
Issue #456 “One of the marvelous things about community is that it enables us to welcome and help people in a way we couldn’t as individuals.” — Jean Vanier, Community And Growth Howdy! Thinking about WordPress history lately in terms of business and product acquisitions, key investments and hires … it says A LOT about…
Wordfence has a created a whitepaper…
Wordfence has a created a whitepaper aimed at developers and security researchers to share how coding flaws can introduce some of the most common and significant WordPress vulnerabilities — and how to prevent them. 🔒
DAVID’S PICKS 📬 Videos 📺 Here…
DAVID’S PICKS 📬 Videos 📺 Here are my video picks for the week: WordCamp Europe 2021: The video feeds from all three days of WCEUE are available on YouTube, with individual videos to be published in the coming weeks on WordPress.tv. Wordfence Live: Scott Miller explains how Wordfence recently became a CVE Numbering Authority. The…
Post Status Excerpt (No. 12) — Takeaways from the ACF Acquisition
Cory and David discuss the recently announced acquisition of Advanced Custom Fields (ACF) plugin by Delicious Brains.
Making Online Summits Work with Nathan Wrigley and Anchen le Roux
Watch Cory Miller in a conversation with Nathan Wrigley and Anchen le Roux about effective online event hosting from planning to execution.
If you or your clients use…
If you or your clients use Kaswara Modern WPBakery Page Builder (10k+ installations), then you might want to uninstall it when you can. Wordfence is reporting a critical zero-day vulnerability. And if you use Elementor, make sure it’s updated. A vulnerability was discovered last month, and more recently some third-party Elementor plugins received security patches too. …
WP Lookout has added a new…
WP Lookout has added a new feature that will try to detect and notify you when a WordPress.org plugin has been marked as “closed” in the plugin directory. 🔌 Founder Chris Hardie says they’re also noting plugins that have been in the news. The news sources to be considered “consistently provide thoughtful and in-depth coverage…
End of content
End of content
