

XSS Vulnerability in Jetpack and the Twenty Fifteen Default Theme Affects Millions of WordPress Users
Jetpack and the Twenty Fifteen default theme have been updated after a DOM-based Cross-Site Scripting (XSS) vulnerability was discovered. According to Sucuri, any plugin or theme that uses Genericons is vulnerable due to an insecure file included within the package. Genericons ships with a file called example.html which is vulnerable to attack from the Document Object Model level or DOM for short. The Open Web Application Security...










WPWeekly Episode 166 – Interview With The Project Lead For XWP, Frankie Jarrett
Back in September, Stream 2.0 was released with some significant changes. The most notable change is the transition from a plugin into a service. In this episode of WordPress Weekly, Marcus Couch and I are joined by the...


