In this episode of WordPress Weekly, Marcus Couch and I discuss some of the major headlines of the past two weeks. We talk about the unprecedented move by the Theme Review Team to suspend Zerif Lite from the theme directory leaving 300K users without a way to get updates. We share what’s new in Edit…
W3 Total Cache 0.9.5 was released early this morning, the first major update to the plugin since 2014. Users were expecting a security release after an XSS vulnerability was reported in the plugin last week but were surprised to find the release is packed full of new features. In addition to the patch for the…
WP Media is reporting a high risk XSS vulnerability in W3 Total Cache that the company learned about from El Rincón de Zerial’s security blog. The plugin is currently active on more than one million WordPress sites. This particular vulnerability is found within the plugin’s support form that is embedded in the admin, according to…
We didn’t have a guest this week so Marcus Couch and I discuss the latest news and events happening in the WordPress community. We update listeners as to the status of the W3 Total Cache plugin. This segues into a conversation on whether caching plugins are necessary considering the improvements in technology in the last…
W3 Total Cache is a free, caching WordPress plugin created by Frederick Townes that’s active on more than one million sites. While the plugin’s core functionality is free to use, there’s a handful of services users can buy from within the plugin such as enhanced support to server and site configurations. A recent post by…
Over the past few days, I’ve read various posts regarding a security hole discovered in the popular W3 Total Cache plugin. According to a security bulletin published by Jason Donenfeld on Seclist.org, after installing the plugin from the WordPress plugin repository through the backend of WordPress, there are two avenues of attack left open. 1)…