WordPress

PluginVulnerabilities.com is Protesting WordPress.org Support Forum Moderators by Publishing Zero-Day Vulnerabilities

A security service called Plugin Vulnerabilities, founded by John Grillot, is taking a vigilante approach to addressing grievances against WordPress.org support forum moderators. The company is protesting the moderators’ actions by publishing zero-day vulnerabilities (those for which no patch has been issued) and then attempting to contact the plugin author (more…)

A Quick Introduction to WordPress' Date/Time Component

At WordCamp Nordic’s contributor day I had the opportunity to chat with Andrey “Rarst” Savchenko about WordPress’ Date/Time component, the code that manages date, time, and timezone functionality. Savchenko is one of the maintainers of this lesser-known component, which includes code that dates back to PHP 4 times. After volunteering (more…)

WordPress 5.1.1 Patches Critical Vulnerability

WordPress 5.1.1 was released yesterday evening with an important security update for a critical cross-site scripting vulnerability found in 5.1 and prior versions. The release post credited Simon Scannell of RIPS Technologies for discovering and reporting the vulnerability. Scannell published a post summarizing how an unauthenticated attacker could take over (more…)

Global WordPress Translation Day Set for May 11, 2019

One of the the most important factors in WordPress’ growth is the software’s availability in 186 languages. Its vibrant community of translation volunteers, known as the Polyglots team, continually update the translations to ensure access for millions of non-English speakers around the world. In 2016, the team began hosting their (more…)