Apple apologizes to WordPress, no longer requires free app to add purchases
news.movim.eu / ArsTechnica · Monday, 24 August, 2020 - 16:37 · 1 minute
WordPress for iOS is a free app that connects to the company's free open source content management system, which millions of sites around the Web use for some part of their structure. WordPress the company also sells domain names and an array of personal, business, and enterprise web hosting packages. Apple, unfortunately, seems to have mixed the two up over the weekend and briefly forced WordPress to add in-app purchases that it otherwise wouldn't have, so it could take a cut.
"Heads up on why @WordPressiOS updates have been absent... we were locked by App Store," WordPress founder Matt Mullenweg explained in a series of Tweets on Friday. "To be able to ship updates and bug fixes again, we had to commit to support in-app purchases for .com plans. I know why this is problematic, open to suggestions."
WordPress opted for the path of least resistance, as The Verge reported, and agreed to add path inside their iOS app for users to purchase premium offerings including domain names. Because of the agreements developers make with Apple to have their apps approved for the App Store, 30 percent of any purchases made through the WordPress app after that functionality was added would have gone to Apple.
Pourquoi Apple a-t-il présenté des excuses à WordPress ?
news.movim.eu / Numerama · Monday, 24 August, 2020 - 08:07
Le fondateur de Wordpress accusait Apple de le forcer à rajouter des fonctionnalités payantes dans son application, pour pouvoir toucher 30 % de commission. Apple a finalement présenté ses excuses à Wordpress, en rétropédalant sur cette décision. [Lire la suite]
Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//
L'article Pourquoi Apple a-t-il présenté des excuses à WordPress ? est apparu en premier sur Numerama .
Hackers exploit critical vulnerability found in ~100,000 WordPress sites
news.movim.eu / ArsTechnica · Tuesday, 18 February, 2020 - 20:08
Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.
The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by Website security company WebARX. By Tuesday, WebArx reported that the flaw was under active exploit with almost 17,000 attacks blocked so far. Hanno Böck, a journalist who works for Golem.de, had spotted active attacks several hours before and reported them on Twitter .
If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)
— hanno (@hanno) February 18, 2020
"There's currently a severe vuln in a wordpress plugin called "themegrill demo importer" that resets the whole database," Böck wrote. " https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"