cookies

WordPress.com Security Vulnerability Stirs Debate Over Responsible Disclosure

Jeff Chandler May 28, 2014 44

Late last week, Yan Zhu, a Staff Technologist for the Electronic Frontier Foundation publicly disclosed a security vulnerability she discovered with WordPress.com and how it handles cookies. More specifically, she discovered the “wordpress_logged_in” cookie being sent in the clear to a WordPress authentication endpoint. She was able to use the (more…)

WordPress Plugin Authors: Be Up Front and Honest With Users About Tracking

Jeff Chandler December 17, 2013 9

Plugins collecting information and phoning home to a third-party without the user’s consent is a serious issue in the WordPress community. The WordPress plugin repository guidelines are clear on this matter specifically, point number seven and its sub points. Pooria Asteraky has published a post that explains why there needs (more…)

Kent Myers: I got the same unsatisfactory copy and pasted resp »
Birgit Pauli-Haack: Bastian, yes exporting/importing Blocks would be c »
Birgit Pauil-Haack: Giang, that's a great question. For now, I prefer, »
Ted Clayton: It’s good to see the continuing involvement of GoD »
Otto: This is correct. I'm happy to take a look at these »
Dennis: How would this affect services like ManageWP? »
Steve Ryan: Not reviewed here, but certainly a viable PHP-only »
Alex Mangini: Great roundup! When I found out Gutenberg was goin »
Erik Joling: I second that. I have been a grateful user since T »
Alex: Yeah, I agree, let’s give them a chance – I’m actu »