[00:00:00] Nathan Wrigley: Welcome to the Jukebox Podcast from WP Tavern. My name is Nathan Wrigley. Jukebox is a podcast which is dedicated to all things WordPress, the people, the events, the plugins, the blocks, the themes, and in this case, WordPress, security, and the OSI model, which underpins the entire internet. If you’d like […]
Continue reading
For any business, a high-performance website isn’t just a choice anymore. It’s a must. Let alone maintaining a stunning online presence, a website is crucial for attracting potential customers. The same goes if you have a security company. A fast-paced and responsive website can give your security business an extra edge, guiding them to explore […]
Continue reading
Starting October 1st, 2024, WordPress.org will roll out new security measures aimed at enhancing the safety of accounts with commit access to plugins and themes. This was announced by the Automattic-sponsored developer Dion Hulse. Mandatory Two-Factor Authentication Beginning next month, WordPress.org will make two-factor authentication (2FA) mandatory for all plugin and theme authors. Authors can […]
Continue readingWooCommerce shipped version 5.7.0 through a forced update for some users earlier this week. The minor release was not billed as a security update but the following day WooCommerce published a post explaining that the plugin was vulnerable to having analytics reports leaked on some hosting configurations: On September 21, 2021, our team released a […]
Continue readingHey, WordPress fans. We are checking in with your latest dose of weekly WordPress news. This week, WordPress released a security and maintenance update with 60 bug fixes and 3 security fixes. We recommend updating your sites if you haven’t yet. Beyond that, Jetpack acquired Social Image Generator, a plugin that automatically creates social share […]
Continue readingAdvanced Custom Fields (ACF) has released version 5.10, the first major release since the plugin was acquired by Delicious Brains. It introduces several new features that were previously experimental, closing out tickets that were started by previous owner Elliot Condon. The release enables HTML escaping by default, which helps prevent Cross-Site Scripting (XSS) attacks. It […]
Continue reading
WPScan is on track to post a record-breaking year for WordPress plugin vulnerabilities submitted to its database, according to a collaborative mid-year security report the company published with Wordfence. In the first half of 2021, WPScan has recorded 602 new vulnerabilities, quickly surpassing the 514 reported during all of 2020. The report is based on […]
Continue readingWooCommerce has shipped version 5.5.2 as a follow-up to the forced security update that patched a SQL Injection vulnerability last week. The vulnerability impacted versions 3.3 to 5.5 of the WooCommerce plugin, as well as versions 2.5 to 5.5 of the WooCommerce Blocks feature plugin. The team created a patch for more than 90 releases, which was sent as […]
Continue readingWooCommerce has patched an unspecified, critical vulnerability identified on July 13, 2021, by a security researcher through Automattic’s HackerOne security program. The vulnerability impacts versions 3.3 to 5.5 of the WooCommerce plugin, as well as version 2.5 to 5.5 of the WooCommerce Blocks feature plugin. “Upon learning about the issue, our team immediately conducted a […]
Continue reading
Jetpack 9.8 was released this week, introducing WordPress Stories as the headline feature. The Story block, which allows users to create interactive stories, was previously only available on mobile. It can now be used in the web editor. Stories went into public beta on the Android app in January 2021, and were officially released on the […]
Continue reading