October 28, 2024 at 02:36AM Organizers of WordCamps have been ordered by Automattic employees to take down social media posts and share login credentials, amidst tensions over WordPress’s control and rival WP Engine’s contributions. This has led to volunteer frustration and concerns over community engagement and autonomy, harming events like WordCamp Sydney. ### Meeting Takeaways: … Read more
October 15, 2024 at 06:29AM Automattic has released updates for 101 Jetpack versions from the past eight years to address a critical vulnerability, enhancing the security of the popular WordPress plugin. This development was reported by SecurityWeek. **Meeting Takeaways:** 1. **Company Update**: Automattic has released updates for Jetpack. 2. **Scope of Updates**: A total of … Read more
October 15, 2024 at 01:00AM Jetpack has released a security update to fix a critical vulnerability allowing logged-in users to access submitted forms on WordPress sites. The flaw, identified in an internal audit, affects versions since 2016. Jetpack collaborated with WordPress.org to ensure automatic updates. Meanwhile, WP Engine disputes WordPress’s control over its plugins. ### … Read more
October 14, 2024 at 03:37PM Jetpack, a popular WordPress plugin, released a critical update to fix a vulnerability allowing logged-in users to access submitted forms from other visitors. The flaw affects all versions since 3.9.9, with fixes available for 101 versions. Users are urged to upgrade immediately, though no exploitation evidence has been found. ### … Read more