WordPress 6.0.2 Security and Maintenance Release: WordPress.org’s Bug Bounty Program at Work
Ram Dall over at Wordfence has a good breakdown of three vulnerabilities patched in the WordPress 6.0.2 Security and Maintenance Release.
Ram Dall over at Wordfence has a good breakdown of three vulnerabilities patched in the WordPress 6.0.2 Security and Maintenance Release.
We’ve seen forced updates become increasingly common and less controversial over time. But who decides, and how is that decision made? Are there unofficial channels and processes, like a decision tree, for escalating to a forced update?
Newfold acquires YITH, Hostopia. Wordfence stops FastOrSlow.com. DigitalOcean acquires CSS-tricks. Tips and tricks for WordPress devs.
What is the Block Protocol and why does it matter? What’s the significance of Matt taking over at Tumblr? And is WordPress way too complicated?
Collins Agbonghama is the Founder of ProfilePress. He spoke with David about his recent success acquiring a plugin and breaking even in just four months.
Milana Cap tells David about the stark reality of the near-overwhelming workload facing the WordPress Documentation Team.
Cory and David talk about WordPress’s reputation relative to its performance and a new proposal for a Performance Team for WordPress core.
In this episode of Post Status Excerpt, David Bisset and Cory Miller talk about how new developers might be able to get a footing with a career in WordPress. (The first step might be more social than technical in nature.)
Wordfence reports that the official SendGrid for WordPress plugin is vulnerable to authorization bypass if run in multisite. The plugin is no longer maintained and no longer downloadable from the plugin repo, but it is reported to have 100,000+ active installs. 🔓 Hat tip to Prashant Baldha who digs deeper into the vulnerability on his…
Issue #456 “One of the marvelous things about community is that it enables us to welcome and help people in a way we couldn’t as individuals.” — Jean Vanier, Community And Growth Howdy! Thinking about WordPress history lately in terms of business and product acquisitions, key investments and hires … it says A LOT about…
Wordfence has a created a whitepaper aimed at developers and security researchers to share how coding flaws can introduce some of the most common and significant WordPress vulnerabilities — and how to prevent them. 🔒
DAVID’S PICKS 📬 Videos 📺 Here are my video picks for the week: WordCamp Europe 2021: The video feeds from all three days of WCEUE are available on YouTube, with individual videos to be published in the coming weeks on WordPress.tv. Wordfence Live: Scott Miller explains how Wordfence recently became a CVE Numbering Authority. The…
Cory and David discuss the recently announced acquisition of Advanced Custom Fields (ACF) plugin by Delicious Brains.
Watch Cory Miller in a conversation with Nathan Wrigley and Anchen le Roux about effective online event hosting from planning to execution.
If you or your clients use Kaswara Modern WPBakery Page Builder (10k+ installations), then you might want to uninstall it when you can. Wordfence is reporting a critical zero-day vulnerability. And if you use Elementor, make sure it’s updated. A vulnerability was discovered last month, and more recently some third-party Elementor plugins received security patches too. …
WP Lookout has added a new feature that will try to detect and notify you when a WordPress.org plugin has been marked as “closed” in the plugin directory. 🔌 Founder Chris Hardie says they’re also noting plugins that have been in the news. The news sources to be considered “consistently provide thoughtful and in-depth coverage…
End of content
End of content