Jeff Chandler

Patches Featured Image

The WordPress core team has released WordPress 4.5.2 which patches two security vulnerabilities in WordPress versions 4.5.1 and below. The first is a SOME vulnerability (Same-Origin Method Execution) in Plupload, the third-party library WordPress uses for uploading files. The second is a reflected cross-site-scripting vulnerability in MediaElement.js, the third-party library (more…)

Ninja Forms Featured Image

Ninja Forms, a popular plugin active on more than 500K websites, released an update 48 hours ago that addresses a critical security vulnerability. Wordfence is reporting that Ninja Forms versions 2.9.36 to 2.9.42 contain multiple security vulnerabilities. One of the vulnerabilities allows an attacker to upload and execute code remotely (more…)

WordPress.org Support Forums Adds Accessibility Section

Earlier this year, the WordPress project made a huge move by adopting accessibility coding standards for new and updated code. If you’re struggling to meet WCAG 2.0 guidelines in your WordPress projects and need help, check out the new Accessibility section in the WordPress.org support forums. Amanda Rush, who helps (more…)

WordPress Weekly Featured Image

On this episode of WordPress Weekly, I describe my experience attending WordCamp Chicago 2016 this past weekend. Marcus Couch and I then discuss the news of the week including a new tool that helps WordCamp organizers create customized name badges. We also have a lengthy discussion on the freemium business (more…)

WordCampChicago2016FeaturedImage

WordCamp Chicago 2016 was held at University Center in the heart of Chicago, IL, where more than 300 attendees spent the weekend learning about WordPress. The event was organized by Ryan Erwin and a team of volunteers. Tracks were split up into three separate rooms limiting the amount of background (more…)

bbPress 2.5.9 Patches Cross-Site-Scripting Vulnerability

John James Jacoby, lead developer of bbPress, has released bbPress 2.5.9 to patch a security vulnerability, “bbPress 2.5.8 and below are susceptible to a cross-site-scripting vulnerability that’s due to the way users are linked to their profiles when they are mentioned in topics and replies,” Jacoby said. Marc-Alexandre Montpas is (more…)

Templatic Hacked, Files and Databases Compromised

Templatic, a WordPress commercial theme company, reported on Saturday, April 30th, that its site was hacked. Files and databases containing customer usernames and passwords were compromised. According to R. Bhavesh, founder of Templatic, the data is being held for ransom money. The hacker is now threatening us via email and (more…)

WordPress 4.5.1 Fixes 12 Bugs

WordPress 4.5.1 is available and addresses a dozen items reported against WordPress 4.5. According to Adam Silverstein, “a singular class issue that broke sites based on the Twenty Eleven theme, an incompatibility between certain Chrome versions and the visual editor, and an Imagick bug that could break media uploads,” are (more…)

WordCamp Chicago 2009

WordCamp Chicago 2016 takes place this weekend and I’ll be among the many attendees. I haven’t visited the city since 2009 and I’m excited to satisfy my craving for deep dish pizza at Lou Malnati’s. WordCamp Chicago 2009 is a special memory because it’s where I saw a demo of (more…)

In Case You Missed It Featured Image

There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. Matt Mullenweg’s Father Passes Away Losing a (more…)