cookies

WordPress.com Security Vulnerability Stirs Debate Over Responsible Disclosure

Jeff Chandler May 28, 2014 44

Late last week, Yan Zhu, a Staff Technologist for the Electronic Frontier Foundation publicly disclosed a security vulnerability she discovered with WordPress.com and how it handles cookies. More specifically, she discovered the “wordpress_logged_in” cookie being sent in the clear to a WordPress authentication endpoint. She was able to use the (more…)

WordPress Plugin Authors: Be Up Front and Honest With Users About Tracking

Jeff Chandler December 17, 2013 9

Plugins collecting information and phoning home to a third-party without the user’s consent is a serious issue in the WordPress community. The WordPress plugin repository guidelines are clear on this matter specifically, point number seven and its sub points. Pooria Asteraky has published a post that explains why there needs (more…)

David McCan: It looks like the option has been restored, along »
Marc: Wouldn't it had been easier, cleaner, faster, and »
Peter Müller: Thanx for the video. I experienced the same things »
John Parkinson: Well done Jeff! I enjoyed the podcast. Lots of goo »
David Artiss: From my understanding, and I'm certainly no expert »
Jesse: WordPress Foundation = United States / California: »
Miroslav Glavic: How will the WP team follow legalities? EU has the »
Tomas M.: Shouldn't TRT make new readme guideline as require »
Rod: Rock On Terence! Elementor is truly changing the l »
Terence: I also see that Elementor has just published a chi »