WordPress Zero-Day Vulnerability, Patched Quickly, Disclosed Slowly
The CMS provider revealed on Wednesday they had waited nearly a week before they disclosed publicly the most recent vulnerability to the content management system. Only versions 4.7 and 4.7.1 were impacted and earlier iterations were unaffected by this round. WordPress announced "It is our stance that security issues should always be disclosed. In this case, we intentionally delayed disclosing this issue by one week to ensure the safety of millions of additional WordPress sites," explained Aaron Campbell, a WordPress core contributor, in a blog post published on WordPress.org. Continue reading this story here.