In this episode, John James Jacoby and I are joined by Matt Mullenweg, co-creator of the WordPress project and CEO of Automattic. We discussed a wide range of topics including, his role on the board of directors at GitLab, Telemetry or data-usage gathering in WordPress, and the WordPress Growth Council. We learned what’s happening with…
WordPress now has its own official HackerOne account where security researchers can responsibly disclose vulnerabilities to the security team. The project’s page was previously listed under Automattic’s profile before HackerOne launched its free community edition for open source projects. WordPress has now transitioned to its own account, which also includes sister projects BuddyPress, bbPress, GlotPress,…
HackerOne, the vulnerability coordination and bug bounty platform, has launched a new Community Edition for open source projects. The company is built around the notion that, “given enough eyeballs, all vulnerabilities are shallow.” HackerOne announced a $40 million round of funding earlier this month, which allows the company to expand its market and add new…
John James Jacoby, lead developer of bbPress, has released bbPress 2.5.10 to patch a security vulnerability in all previous versions of the 2.X branch. This release also contains security hardening improvements where user display names and avatars are commonly displayed together. Jacoby notes that these changes affect bbPress only and don’t impact third-party themes or modifications to the…