WordPress 6.0.2 Security and Maintenance Release: WordPress.org’s Bug Bounty Program at Work
Dan Knauss
NotesPlanet
Ram Dall over at Wordfence has a good breakdown of three vulnerabilities patched in the WordPress 6.0.2 Security and Maintenance Release. One is a high severity SQLi vulnerability in the links functionality, and the other two are medium severity Cross-Site…
Latest articles
Open Secrets: Forced Updates in WordPress
Dan Knauss
FeaturesMake WordPress
Two weeks ago, Robert Rowley did a detailed post-mortem analysis for Patchstack of a severe vulnerability in Ninja Forms. Chloe Chamberland at Wordfence had identified and also described it in detail the day before. Both Robert, Chloe, and Sarah Gooding…
Post Status Notes #490
David Bisset
BusinessDesign
No Content Courtney has the week's news from the people making WordPress at .org. 🏗️ Check out David's podcast and video picks for the week. 🎙️ Have you found greater benefits or costs from being assertive in your workplace? ✋…
Post Status Excerpt (No. 45) — The Block Protocol, Tumblr, and Complexity with Lesley Sim
David Bisset
PlanetPost Status Podcasts
In this episode of Post Status Excerpt, David talks with Lesley Sim about Joel Spolsky on the Block Protocol, Matt Mullenweg for taking over for the exiting CEO of Tumblr, and a blog post by Dan Devine entitled "The Complicated…
Post Status Excerpt (No. 44) — Small Wins with Small Plugins
David Bisset
BusinessHosting
In this episode of Post Status Excerpt, David talks with Collins Agbonghama, the Founder of ProfilePress and the author of a few other WordPress plugins. Collins shares what he called a "small" win in Post Status Slack early in January…
Post Status Excerpt (No. 36) — Help Needed: WordPress Docs Team
David Bisset
PlanetPost Status Podcasts
"The best documentation is written by people who are using it." —Milana Cap In this episode of Post Status Excerpt, Milana Cap tells David about the stark reality of the near-overwhelming workload facing the WordPress Documentation Team. Currently, about four…
Post Status Excerpt (No. 28) — A WordPress Core Performance Team?
David Bisset
PlanetPost Status Podcasts
"If plugin authors were better educated maybe they would make some different choices." In this episode of Post Status Excerpt, Cory and David talk about WordPress's reputation relative to its performance. This discussion unfolds in light of a new proposal…
Post Status Excerpt (No. 19) — How Can New Developers Get Started In WordPress?
David Bisset
BusinessPlanet
The first step to getting started might not be technical. As new people come into Post Status looking for some guidance, there is a tendency among old hands to say things used to be much easier. Although it was a…
Wordfence reports that the official SendGrid…
Dan Knauss
Wordfence reports that the official SendGrid for WordPress plugin is vulnerable to authorization bypass if run in multisite. The plugin is no longer maintained and no longer downloadable from the plugin repo, but it is reported to have 100,000+ active…
Footnotes #456
Dan Knauss
BusinessDesign
Issue #456 “One of the marvelous things about community is that it enables us to welcome and help people in a way we couldn’t as individuals.” — Jean Vanier, Community And Growth Howdy! Thinking about WordPress history lately in terms…
Wordfence has a created a whitepaper…
Dan Knauss
Security
Wordfence has a created a whitepaper aimed at developers and security researchers to share how coding flaws can introduce some of the most common and significant WordPress vulnerabilities — and how to prevent them. 🔒
DAVID’S PICKS 📬 Videos đź“ş Here…
Dan Knauss
BusinessDesign
DAVID'S PICKS 📬 Videos 📺 Here are my video picks for the week: WordCamp Europe 2021: The video feeds from all three days of WCEUE are available on YouTube, with individual videos to be published in the coming weeks on…
Post Status Excerpt (No. 12) — Takeaways from the ACF Acquisition
David Bisset
PlanetPost Status Podcasts
A Focus On Mental Health And Long-Term Stability In this episode of Post Status Excerpt, Cory Miller and David Bisset discuss the recently announced acquisition of Advanced Custom Fields (ACF) plugin by Delicious Brains Inc. After having time to absorb…
Making Online Summits Work with Nathan Wrigley and Anchen le Roux
Karen Johnson
BusinessDesign
Are you planning to host your first online event in the near future? Has your experience hosting online events approached the level of a small fiasco? Watch Cory Miller in a conversation with Nathan Wrigley (WPBuilds) and Anchen le Roux…
If you or your clients use…
Dan Knauss
Security
If you or your clients use Kaswara Modern WPBakery Page Builder (10k+ installations), then you might want to uninstall it when you can. Wordfence is reporting a critical zero-day vulnerability. And if you use Elementor, make sure it's updated. A vulnerability…
WP Lookout has added a new…
Dan Knauss
WP Lookout has added a new feature that will try to detect and notify you when a WordPress.org plugin has been marked as “closed” in the plugin directory. 🔌 Founder Chris Hardie says they're also noting plugins that have been…
