WordPress.org Introduces New Security Measures for Plugin and Theme Authors – WP Tavern

[ad_1] Starting October 1st, 2024, WordPress.org will roll out new security measures aimed at enhancing the safety of accounts with commit access to plugins and themes. This was announced by the Automattic-sponsored developer Dion Hulse. Mandatory Two-Factor Authentication Beginning next month, WordPress.org will make two-factor authentication (2FA) mandatory for all plugin and theme authors. Authors […]

Continue reading

WooCommerce 5.7.0 Patches Security Issue that Could Potentially Leak Analytics Reports – WP Tavern

[ad_1] WooCommerce shipped version 5.7.0 through a forced update for some users earlier this week. The minor release was not billed as a security update but the following day WooCommerce published a post explaining that the plugin was vulnerable to having analytics reports leaked on some hosting configurations: On September 21, 2021, our team released […]

Continue reading

ACF 5.10 Introduces Block API v2 Support, Block Preloading, and Security Improvements – WP Tavern

[ad_1] Advanced Custom Fields (ACF) has released version 5.10, the first major release since the plugin was acquired by Delicious Brains. It introduces several new features that were previously experimental, closing out tickets that were started by previous owner Elliot Condon. The release enables HTML escaping by default, which helps prevent Cross-Site Scripting (XSS) attacks. […]

Continue reading

WooCommerce Patches Critical Vulnerability, Sending Forced Security Update from WordPress.org – WP Tavern

[ad_1] WooCommerce has patched an unspecified, critical vulnerability identified on July 13, 2021, by a security researcher through Automattic’s HackerOne security program. The vulnerability impacts versions 3.3 to 5.5 of the WooCommerce plugin, as well as version 2.5 to 5.5 of the WooCommerce Blocks feature plugin. “Upon learning about the issue, our team immediately conducted […]

Continue reading