cookies

WordPress.com Security Vulnerability Stirs Debate Over Responsible Disclosure

Jeff Chandler May 28, 2014 44

Late last week, Yan Zhu, a Staff Technologist for the Electronic Frontier Foundation publicly disclosed a security vulnerability she discovered with WordPress.com and how it handles cookies. More specifically, she discovered the “wordpress_logged_in” cookie being sent in the clear to a WordPress authentication endpoint. She was able to use the (more…)

WordPress Plugin Authors: Be Up Front and Honest With Users About Tracking

Jeff Chandler December 17, 2013 9

Plugins collecting information and phoning home to a third-party without the user’s consent is a serious issue in the WordPress community. The WordPress plugin repository guidelines are clear on this matter specifically, point number seven and its sub points. Pooria Asteraky has published a post that explains why there needs (more…)

Mike: Totally broke users of The Events Calendar. Thankf »
Nathan Pinno: I updated my sites earlier, and when I tried to ed »
Doug Smith: The widespread problems with updating caused a dir »
Peter Knight: Vue has the MIT license w/o Patent grant, which is »
Scott: I'm confused. Is DonateWC a philanthropic effort, »
Andrew Duthie: From the perspective of Gutenberg, this was a majo »
Mattias Johansson: There are valid reasons why one might pick Vue ove »
Scott: Good points, Adrienne. But ever since a web design »
Greg Brown: Does Vue or Preact have a stance on backwards comp »
mark k.: @peter, no need to twist my words. I didn't say th »