bbPress 2.5.10 Patches Security Vulnerability

John James Jacoby, lead developer of bbPress, has released bbPress 2.5.10 to patch a security vulnerability in all previous versions of the 2.X branch. This release also contains security hardening improvements where user display names and avatars are commonly displayed together. Jacoby notes that these changes affect bbPress only and don’t impact third-party (more…)

All in One SEO 2.3.7 Patches Persistent XSS Vulnerability

Semper Fi Web Design, the company behind All in One SEO, a popular WordPress SEO optimization plugin that’s active on more than 1M sites, has released 2.3.7 to patch a persistent XSS security vulnerability. According to the plugin’s changelog, 2.3.7 sanitizes the Bad Bots module referer and user agent. While it doesn’t sound (more…)