Patchstack Weekly
This is a weekly series where you can get caught up on recent events relevant to open source security, with an initial focus on WordPress security.
This series is brought to you by Patchstack and your host Robert. I look forward to helping keep you regularly up to date on open source security issues here at the Patchstack weekly Update.
-
Patchstack Weekly - Ending On a High Note
This is the final episode of the Patchstack Weekly podcast. All things come to an end - so it's only fitting to dedicate the last episode to software end-of-life, and how developers and website owners should handle sunsetting their projects.
We also want to thank our host, Robert, for sharing lessons on WordPress security (and beyond) over these past 68 episodes!
-
Patchstack Weekly - Securing Open-Source Forks
Forking is a fundamental part of open-source software - it offers anyone the opportunity to lead an existing project in a new direction. But forking also means that the owners of the new fork are taking over the responsibility for the security of their new project.
-
Patchstack Weekly - Preventing Insecure Inclusion Bugs
This week's knowledge share is about a rare but serious security bug that can be found in any PHP application. Luckily it is easy to avoid, and WordPress has a built-in function that developers can utilize to help secure against it.
In vulnerability news we'll cover three vulnerabilities, including one PHP Object Injection bug in the popular Advanced Custom Fields plugin.
-
Patchstack Weekly - The One Serious Vulnerability That Open-Source Will Never Have
Closed-source software has one vulnerability open-source software will never face - source code leaks. This episode is all about embracing people who review open-source software, and consequently make it safer.
We'll also cover the recent Elementor Pro vulnerability that is, unfortunately, being actively exploited by attackers.
-
Patchstack Weekly - Understanding WordPress Security Bug Severity
When you see a security fix available for your website, you should of course update the affected component. But should you drop everything and apply the update immediately? Or can you at least finish your coffee first? Or is it OK to deal with it when you get a break? That depends on the bug.
Also in this episode, we'll cover the recent critical WooCommerce security bug which was, luckily, fixed with a rare forced update by the WordPress team.
-
Patchstack Weekly - Un-updatable Plugins - What Do They Mean?
Abandoned plugins with security bugs in them are a silent risk for WordPress site owners - but there's an easy way to spot plugins that have been out of date for a while straight from your WordPress admin page. This episode is a quick tutorial on that!