Category: WordPress
-
Huge Vulnerability in WordPress 4.8
Anthony Ferrara discovered a significant security vulnerability and an even more fundamental security flaw in WordPress. The correct fix is to ditch this whole prepare mechanism (which returns a string SQL query). Do what basically everyone else does and return a statement/query object or execute the query directly. That way you can’t double-prepare a string.…
-
How to Keep Your New WordPress Site Running Smoothly
So you just launched a WordPress site for your business, everything is up and running. Pages load quickly, SEO is better than ever, you paid your development team. Now you’re all set for the next few year, right? In an ideal world, this would be true. Unfortunately, the Internet is a dangerous place and software…
-
Dear WordPress Get Your 💩 Together
Dear WordPress.org, Get your shit together! It is 2016, there is no excuse for allowing any plugins with insecure code to make their way into the plugin directory. Full stop. The story about Custom Content Type Management stealing admin credentials and other shenanigans, is utterly pathetic. I’d bet this incident is just the tip of the…