16 Apr

Why Is Samuel “Otto” Wood Making Claims About Us That Don’t Match Reality?

When it comes to our full disclosure of vulnerabilities in protest of the continued inappropriate behavior of the WordPress Support Forum moderators we are certainly not above being criticized and any protest should be expected to have critics, but what we have found is that people are frequently criticizing us for things that are not close to true. For example, today during an email conversation with a developer of a plugin who incorrectly believed we had falsely claimed their plugin contained a vulnerability (and threatened to sue us over that) they wrote this in regards to our reason for full disclosing that vulnerability:

[Read more]

15 Apr

Samuel “Otto” Woods Believes That “Magic Wizards” Discover Exploitable Vulnerabilities in WordPress Plugins

When it comes to problems with the moderation of the WordPress Support Forum that led to us beginning to full disclose vulnerabilities until that inappropriate behavior is cleaned up there has been a continuing strange situation where people are mixing up cause and effect, somehow believing that we started our protest because we were banned from the Support Forum for our protest, which obviously makes no sense. The person that seems to at the heart of that mix up is the person in charge of the moderation of the Support Forum, Samuel “Otto” Wood, who also believes that “magic wizards” discover exploitable vulnerabilities in WordPress plugins.

[Read more]

30 Mar

WordPress Plugin Team Paints Target on Exploitable Settings Change Vulnerability That Permits Persistent XSS in Related Posts

When we announced a protest of the continued inappropriate behavior of the WordPress Support Forum moderators, one of the changes we suggested to resolve that was:

[Read more]

30 Nov

Samuel “Otto” Wood Keeps Making it Seem Like He Wants WordPress Websites to Be Unnecessarily Hacked

On October 29th we detailed a vulnerability that had been fixed in the plugin AMP for WP – Accelerated Mobile Pages and started warning our customers if they were using a vulnerable version. What made this problematic was that while there was a fixed version available, since the plugin was closed, people could not use the normal update process in WordPress to update to it (though we were available to help our customers do that).

[Read more]

05 Nov

The WordPress Forum Moderators Keep Bizarrely Deleting Replies Just Saying Thank You

Where we first saw indications that something was very amiss with the moderation of the WordPress Support Forum was when a reply from someone just thanking us for answering a question they had, was deleted. It didn’t make any sense to delete that and went against what people were being told as to the limited circumstances that things would be deleted from the forum:

[Read more]