←back to thread

Secure Custom Fields by WordPress.org

(wordpress.org)
172 points ValentineC | 1 comments | 12 Oct 24 18:38 UTC | HN request time: 0s | source
Show context
CharlesW ◴[12 Oct 24 19:27 UTC] No.41821726[source]
So WordPress-the-org — which is effectively Matt, as far as I can tell — just Sherlocked a developer's plug-in using the developer's own code, ostensibly as retribution for a security issue that the developer had already fixed. https://www.advancedcustomfields.com/blog/acf-6-3-8-security...

What am I missing?

replies(5): >>41821790 #>>41821829 #>>41821872 #>>41821880 #>>41823351 #
photomatt ◴[12 Oct 24 19:41 UTC] No.41821829[source]
This release fixes a separate security vulnerability from the original update.
replies(5): >>41821983 #>>41822001 #>>41822749 #>>41823899 #>>41825727 #
ankleturtle ◴[12 Oct 24 21:21 UTC] No.41822749[source]
You are abusing the community for your own gain. Stop!
replies(2): >>41822912 #>>41825644 #
geerlingguy ◴[12 Oct 24 21:40 UTC] No.41822912[source]
What is he gaining at this point?
replies(4): >>41822931 #>>41823426 #>>41825661 #>>41831870 #
ankleturtle ◴[12 Oct 24 22:53 UTC] No.41823426{3}[source]
Harm of WP Engine.
replies(2): >>41823930 #>>41824547 #
acherion ◴[13 Oct 24 00:06 UTC] No.41823930{4}[source]
At the cost of also harming WP. Well done Matt. clap clap (these are sarcastic claps)
replies(1): >>41824201 #
1. minimaxir ◴[13 Oct 24 00:52 UTC] No.41824201{5}[source]
There's a reason mutually-assured destruction is abbreviated MAD.