security

WordPress 4.8.2 Patches Eight Security Vulnerabilities

WordPress 4.8.2 is available for download and users are encouraged to update as soon as possible. This release patches eight security vulnerabilities and has six maintenance related fixes. Hardening was also added to WordPress core to prevent plugins and themes from accidentally causing a vulnerability through $wpdb->prepare() which can create (more…)

Equifax Launches WordPress-Powered Site for Consumers Affected by Security Breach

Equifax has launched a WordPress-powered website to connect with consumers affected by its recent security breach, which compromised 143 million customers’ personal data. The exposed data includes names, birth dates, social security numbers, addresses, credit card numbers, driver’s license numbers, and other sensitive financial information. The equifaxsecurity2017.com site was launched (more…)

SiteLock Acquires Patchman's Malware and Vulnerability Detection Technology, Expands WordPress Customer Base to 4 Million

SiteLock, a website security company, has acquired Patchman, a Dutch security startup that offers automated vulnerability patching and malware removal for hosting providers. Prior to the acquisition SiteLock protected 6 million sites, with 2.2 million of them running on WordPress. The addition of Patchman extends SiteLock’s customer base to 12 (more…)

WordPress Is Now on HackerOne, Launches Bug Bounties

WordPress now has its own official HackerOne account where security researchers can responsibly disclose vulnerabilities to the security team. The project’s page was previously listed under Automattic’s profile before HackerOne launched its free community edition for open source projects. WordPress has now transitioned to its own account, which also includes (more…)

In Case You Missed It Featured Image

There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. The REST API Democratizes Reading Mika Epstein (more…)