Security researcher Dawid Golunski of Legal Hackers has published the details of an unauthorized password reset vulnerability in WordPress core. Golunski demonstrated how, under certain circumstances, an attacker could intercept the password reset email and gain access to a user’s account.
The WordPress Community Team is debating the merits of a new type of WordCamp, a hybrid event with the traditional WordCamp content in a retreat-style format. Sven Wagener and the Köln meetup group in Germany, which has more than 700 members, have proposed a new style of camp that would potentially be called “WordCamp in the Green” or “WordCamp Retreat.”
Jetpack 4.9 gives self-hosted WordPress users access to some of the widgets that are available on WordPress.com. One of the most useful ones for European websites is the new EU Cookie Law Banner widget. The WordPress plugin directory has dozens of plugins related to cookie consent, but Jetpack users can now get this feature bundled with the popular plugin.
WooConf, the official WooCommerce developer’s conference, is returning for its third edition October 19-20, 2017. In line with previous years’ events that were hosted in major U.S. tech hubs (San Francisco and Austin), WooConf 2017 will be held in Seattle.
May is Mental Health Awareness Month in the US, dedicated to educating people about mental health and illnesses since 1949. WP Elevation is joining the observance this year with a special emphasis on freelancers and the tech industry.
WP Docker is a new project from 10up that makes it easy to set up a local WordPress development environment with Docker. Last year 10up worked with Joyent, a cloud infrastructure company, to create a production-ready implementation of WordPress in Docker.
Shopify’s official plugin for WordPress was removed from the plugin directory this week. The plugin allowed users to create “Buy Buttons” for products from their Shopify stores and insert them into WordPress posts and pages using a shortcode. It was built by WebDevStudios and had approximately 9,000 active installations before it was removed.