UserPro plugin for WordPress versions up to 2.28 have multiple security vulnerabilities that expose the website they are installed on to a wide scope of attack vectors. The plugin has 27 occurrences a procedure call that is extremely insecure (extract($_POST)
) and a futher 57 probably insecure uses of extract()
.
The Donald W. Reynolds Journalism Institute (RJI) is an organization that seeks out and tests innovations in journalism to find the best solutions for use in the real world.
The late breaking news ripping through the twitter-sphere and hitting the blogosphere is that
Matt Mullenweg, founder of Automattic and creator of open-source blogging system WordPress... raised a whopping $29.5 million in a Series B Round of funding, including a strategic investment from The New York Times Co. True Ventures led the round, which includes previous investors Polaris Ventures and Radar Ventures. (Full disclosure: both Automattic and GigaOM are backed by True Ventures.)
Matt confirmed this in his blog.
This comes at an interesting time in relation to Acquia's news of "$7 million in a Series A financing".