Tag: Richard Tape

Why Security Vulnerability Disclosures Aren’t Easy to Do

Disclosing security vulnerabilities publicly is absolutely essential, but it’s nearly impossible to do it without upsetting some people. For some, the WordPress update to version 4.2.3 caused, to put it lightly, a bit of a headache. (Listen to …

4.2.3

Richard Tape of the University of British Columbia runs a massive multi-site WordPress installation infrastructure with tens of thousands of individual websites. A change to the WordPress shortcodes API broke hundreds of them, and Richard had to get creative to fix it. The incident would keep him busy with hundreds of urgent support requests for days, and it shook his faith in the WordPress project.