So the biggest news this week is that the Yoast SEO plugin was found to have an SQL injection vulnerability which required an immediate update. WordPress also pushed out an automatic update of the plugin because this plugin is so popular it would have affected literally millions of sites.
This is only the second time they have done so ( the first was for the Jetpack plugin ). I see no problem with this – I would rather have the automatic update than go through the pain of a hacked website, but a few people took issue with this as they hadn’t given permission for the automatic update to take place. The codex has since been updated to clarify the matter :
By default, automatic background updates only happen for plugins and themes in special cases, as determined by the WordPress.org API response, which is controlled by the WordPress security team for patching critical vulnerabilities.
In more personal news, I tweeted last friday that I was open to selling WPLift and ThemeFurnace as I am involved in another business which is taking off that I would like to spend some more time with that to grow it. I’ve had loads of tweets and emails asking about it so I thought I would clarify a few things here. I have created both from scratch on my own and am proud of them so I would only sell to a buyer who had the resources to carry them on and improve them – a bigger team for each would certainly help them grow even more. I am not in a rush to sell them, I’m quite happy to carry on running them myself but I do admit I have become a little burned out with WordPress lately, I have been working with it and writing about it daily since 2010 so a little time away from it seems appealing.
I wonder how other people who have been blogging about WordPress ( or anything else for that matter ) for longer periods get on? Maybe I just need to take a fresh approach, I started to plan some cool things for WPLift like videos and a members section so maybe I should try and push on with those and get them finished, they would certainly take the site to the next level. I’d be interested in hear anyone’s thoughts about this – Thanks!
Anyway, Hope everyone has a great weekend, let’s get on with the news!
WordPress News and Articles
- WPLift and ThemeFurnace up for sale – I tweeted this week about possibly selling WPLift & ThemeFurnace and found this discussion on WPChat about it.
- Blind SQL Injection Vulnerability Discovered in WordPress SEO Plugin by Yoast – Immediate update required, automatic updates also pushed out.
- WordPress 4.2 Beta 1 Now Available for Testing – Now includes the theme browsing in the customizer.
- Is a WordPress Plugin a Startup? – Depends.
- Is There a Lack of Integrity in WordPress?– Tom talks about Integrity, or lack of, within our community.
- WordPress wins DMCA censorship fight – WordPress beats a DMCA abuser.
Tutorials and How-Tos
- How To: Update Old Posts Correctly to Help Your Visitors & Boost Your SEO – My guide on how to update posts to gain traffic and improve the reader experience.
- Improve Your WordPress Email Delivery with Mandrill – A guide to using Mandrill to handle your WP emails.
- How to Approach Unhappy Clients – What to do with an unhappy customer ?
- Tour of the WordPress Database – A guide to the WP database
- How to Create Custom, Trackable, Short URL’s For All Your WordPress Posts and Pages – Guide to using short URLS
- How to Build an Auction Site on WordPress – Some plugins for creating an auction site
- Display the Most Recent Post in Each Category – Code for your theme to display latest posts from categories.
- A Simple Guide to the WordPress Quicktags API – How to add extra buttons to the TinyMCE Editor.
- Create a Simple CRM in WordPress: Creating Custom Fields – Next part of this tutorial series.
Resources & Freebies
- The WPLift Roundup of the Best Free WordPress Themes March 2015 – The best free themes released in the last month.
- Recipe Card: A Free WordPress Plugin for Publishing Professional Recipes – This looks like a great free plugin for displaying recipes.
- Showcase Your App with These Quality WordPress Themes – A roundup of WordPress themes for App websites.
- Customize and Preview WooCommerce Emails – This looks like a handy plugin for customizing your WooCommerce emails.
- The best tools & resources for your content promotion – Content promotion tools.
1 thought on “Weekly WordPress News: Yoast Vulnerability – Update Now, WPLift for Sale?”
Best of luck with selling the business. Anything that you throw yourself into with dedication still needs a break once in a while to let the mind rest.
I’ve enjoyed the site, and would love to see it go on with your ownership or with a team that will love and care for what you’ve created.
Comments are closed.