←back to thread

Secure Custom Fields by WordPress.org

(wordpress.org)
172 points ValentineC | 1 comments | 12 Oct 24 18:38 UTC | HN request time: 0s | source
Show context
CharlesW ◴[12 Oct 24 19:27 UTC] No.41821726[source]
So WordPress-the-org — which is effectively Matt, as far as I can tell — just Sherlocked a developer's plug-in using the developer's own code, ostensibly as retribution for a security issue that the developer had already fixed. https://www.advancedcustomfields.com/blog/acf-6-3-8-security...

What am I missing?

replies(5): >>41821790 #>>41821829 #>>41821872 #>>41821880 #>>41823351 #
photomatt ◴[12 Oct 24 19:41 UTC] No.41821829[source]
This release fixes a separate security vulnerability from the original update.
replies(5): >>41821983 #>>41822001 #>>41822749 #>>41823899 #>>41825727 #
ankleturtle ◴[12 Oct 24 21:21 UTC] No.41822749[source]
You are abusing the community for your own gain. Stop!
replies(2): >>41822912 #>>41825644 #
1. bigiain ◴[13 Oct 24 06:21 UTC] No.41825644[source]
So far as I can tell, when Matt talks about "the WordPress Community", he means:

  - Matt
  - the people who didn't quit Automattic last week
  - _maybe_ the WP core developers who don't work at Automattic, so long as they keep their criticisms to themselves
And the community of people who _use_ WordPress to run their websites, and the people who help them to do that, and the 3rd party plugin and theme developers who make WP work for so many different kinds of websites - can all go and get fucked.