WP Security Minute
@wpsecurityminute.bsky.social
Catch up with the latest WordPress security news and insights in a minute.
Is there a WordPress security story that we should be covering? Reply or DM us.
Is there a WordPress security story that we should be covering? Reply or DM us.
As our coverage of this last week noted, the service fails in an important way when it comes to security updates for plugins. youtu.be/cgyic425SP8
New Kinsta Service Doesn't Really Secure Plugin Updates as They Don't Verify Vulnerability Fixes
YouTube video by WP Security Minute
youtu.be
April 7, 2025 at 11:32 PM
As our coverage of this last week noted, the service fails in an important way when it comes to security updates for plugins. youtu.be/cgyic425SP8
As mentioned in the episode, Wordfence has now managed to say 9 times that a vulnerability in a WordPress plugin has been fixed without it being fixed yet.
They say they are "[t]he global leader in WordPress security." How much worse of a job do they think their competition is doing?
They say they are "[t]he global leader in WordPress security." How much worse of a job do they think their competition is doing?
March 27, 2025 at 9:27 PM
As mentioned in the episode, Wordfence has now managed to say 9 times that a vulnerability in a WordPress plugin has been fixed without it being fixed yet.
They say they are "[t]he global leader in WordPress security." How much worse of a job do they think their competition is doing?
They say they are "[t]he global leader in WordPress security." How much worse of a job do they think their competition is doing?
WP Engine now pledges more hours for the Five for the Future program than Automattic.
March 25, 2025 at 7:18 PM
WP Engine now pledges more hours for the Five for the Future program than Automattic.
Mentioned briefly in the episode is that rtCamp’s Five for the Future pledging looks highly suspect. Here is the latest activity for two employees that are stated to be spending 40 hours a week on the Core team. The amount of activity doesn’t seem in line with that.
![Submitted pull request #69693 to WordPress/gutenberg:
Enhance Site Logo: Make logo inherit the site background/gradient
5 hours ago
Submitted pull request #69310 to WordPress/gutenberg:
[List Block] - Add support for block gap
4 weeks ago
Submitted pull request #69244 to WordPress/gutenberg:
[Background Image Control] - Added placeholder for background images
1 month ago](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:zncdhpfheqa5moratizlxp6r/bafkreihrgvxwhtio6xczk3ct4ltsqkbm7terdjybazzhbmbevxrecvqkau@jpeg)
![Submitted pull request #69660 to WordPress/gutenberg:
[New block] bookmark and bookmark count
3 days ago
Submitted pull request #69010 to WordPress/gutenberg:
[ New Block ]Countdown Timer Block
2 months ago
Pull request #67253 merged into WordPress/gutenberg:
Fix: Ensure consistency in editor tools for navigation buttons and delete options
3 months ago](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:zncdhpfheqa5moratizlxp6r/bafkreidg7oxv4yll5p6gd52d37fkbvrtst7txcifylcgmy4nbcu5r4npsu@jpeg)
March 25, 2025 at 7:10 PM
Mentioned briefly in the episode is that rtCamp’s Five for the Future pledging looks highly suspect. Here is the latest activity for two employees that are stated to be spending 40 hours a week on the Core team. The amount of activity doesn’t seem in line with that.
Mentioned briefly in the episode is that rtCamp's Five for the Future pledging looks highly suspect. Here is the latest activity for two employees that are stated to be spending 40 hours a week on the Core team. The amount of activity doesn't seem in line with that.
March 25, 2025 at 5:43 PM
Mentioned briefly in the episode is that rtCamp's Five for the Future pledging looks highly suspect. Here is the latest activity for two employees that are stated to be spending 40 hours a week on the Core team. The amount of activity doesn't seem in line with that.
If you have run across another example of the Bleeping Computer and Bill Toulas lying, we would be interested in incorporating it in to future coverage.
Our DMs are open, if you don't want to publicly disclose something.
Our DMs are open, if you don't want to publicly disclose something.
March 21, 2025 at 5:00 PM
If you have run across another example of the Bleeping Computer and Bill Toulas lying, we would be interested in incorporating it in to future coverage.
Our DMs are open, if you don't want to publicly disclose something.
Our DMs are open, if you don't want to publicly disclose something.