Jeff Chandler

Data

I’m in favor of WordPress collecting more anonymized usage data that could help make informed decisions on changes or improvements to core, such as tracking changes to the WordPress user interface, which buttons or settings are used most often, etc. A good example of when this data could have come (more…)

Digital Signature Featured Image

Scott Arciszewski, Chief Development Officer for Paragon Initiative Enterprises, who is most widely known for his cryptography engineering work, published a post on Medium criticizing Matt Mullenweg, co-creator of the WordPress open-source software project, for not caring enough about security. Arciszewski has since retracted the post but you can read (more…)

In Case You Missed It Featured Image

There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. Interviewed for WordPress.tv A few weeks ago, (more…)

WordPress Weekly Featured Image

On this episode, Marcus Couch and I are joined by Morten Rand-Hendriksen to discuss his WordPress Telemetry proposal. We discuss the potential benefits of having an opt-in usage data collection system that could help core developers and others make informed decisions. Rand-Hendriksen also shares what he’s learned from teaching WordPress (more…)

WP Super Cache 1.4.9 Patches Multiple XSS Vulnerabilities

WP Super Cache is a nearly 10-year-old plugin that is maintained by Donncha Ó Caoimh and is actively installed on more than a million sites. Releases have been far and few between, but Ó Caoimh has released WP Super Cache 1.4.9 that patches cross-site-scripting vulnerabilities on the settings page. “Those pages (more…)

BlogVault Featured Image

BlogVault, a real-time backup and migration service with a WordPress plugin that’s active on more than 20K sites, announced over the weekend that it suffered a security breach that exposed data. Akshat Choudhary, founder of BlogVault, explains that some customer sites were accessed without authorization and were infected with malware. (more…)