Chris Christoff of the Plugins Team has published the roadmap of Phase 2 of the Plugin Check plugin. According to the statistics shared at this year’s State of the Word, 41% fewer issues were reported per approved plugin after launching the Plugin Check tool, enabling the team to approve 138% more plugins …
Awesome Motive’s WP Forms plugin has patched a Missing Authorization to Payment Refund and Subscription Cancellation vulnerability. This issue allowed authenticated attackers with Subscriber-level access or higher to refund Stripe payments and cancel subscriptions without proper authorization. Wordfence reports that “The WPForms plugin for WordPress is vulnerable to unauthorized modification of data …
In the latest chapter of the ongoing dispute between Automattic and WP Engine, a new plugin “Secure Custom Fields” (https://wordpress.org/plugins/secure-custom-fields/) has been added to the Plugin Repository by WordPress.org. This plugin has 90+ active installations and exhibits the features of ACF Pro plugin like repeater, flexible content, clone fields gallery, options pages, and ACF …
Matt Jaworski, Co-Founder of PeepSo.com, has announced that PeepSo is leaving the WordPress plugin repository. Moving forward, all updates for the plugin will be served directly from PeepSo’s servers. Explaining the decision, Jaworski expressed dissatisfaction with the repository, stating, “We have never been very happy with the WordPress repository, as we found their …
Starting October 1st, 2024, WordPress.org will roll out new security measures aimed at enhancing the safety of accounts with commit access to plugins and themes. This was announced by the Automattic-sponsored developer Dion Hulse. Mandatory Two-Factor Authentication Beginning next month, WordPress.org will make two-factor authentication (2FA) mandatory for all plugin and …