Mastodon Feed: Post

Reblogged by collinsworth@hachyderm.io ("Josh Collinsworth"):

chikorita157@sakurajima.moe ("chikorita157 🐰:unverified:") wrote:

Apparently, Matt is weaponizing a CVE without notifying WP Engine so they can fix the issue before making the CVE to the public, just to use it as an excuse to get people's sites that can get their sites hacked since it’s used on many WordPress sites.

No wonder Matt created that tweet asking for ACF alternatives, as he intended to weaponize this against WP Engine. Of course, this behavior can get him into more legal trouble.

This behavior is dangerous as if he does the same to another company that makes popular WordPress plugins, he can do the same.

Matt Mullenweg needs to go, NOW! He is destroying WordPress.

Not to mention, WP Engine can't push updates, since Matt banned their accounts.

#WordPress #SaveWordPress #MattMullenwegResignNow #BoycottAutomattic

Attachments:

• Post A Automattic M @automattic Automatic's security team has responsibly disclosed a vulnerability in @wp_acf to @wpengine. As is standard, they have 30 days to issue a fix before public disclosure. We have reserved this CVE for the issue: cve.org/CVERecord?id=C 10:05 AM • Oct 5, 2024 • 1,399 Views (remote)