[wp-hackers] WordPress plugin inspections

Josh Pollock jpollock412 at gmail.com
Wed Feb 19 19:45:07 UTC 2014


Harry-

I am the community manager for Pods we were made aware of your evaluation
by a user who reported it in our GitHub issue tracker. Our leader
developer, Scott K. Clark, has responded to your claims, which we do not
consider to be fair, here:

https://github.com/pods-framework/pods/issues/2043#issuecomment-35538379

I would encourage you to contact the developers of plugins before releasing
vulnerability reports. This sort of vague report doesn't help us improve
our plugin, something we are constantly doing based on input from users. It
only serves to potentially confuse users.

Take care,
Josh Pollock


On Wed, Feb 19, 2014 at 1:43 PM, Harry Metcalfe <harry at dxw.com> wrote:

> Hello list,
>
> We write and publish light-touch inspections of WordPress plugins that we
> do for our clients. They are just a guide - we conduct some basic checks,
> not a thorough review.
>
> Would plugins which fail this inspection be of general interest to the
> list and therefore worth posting? Is the list also interested in
> vulnerability advisories, or do people tend to get those elsewhere?
>
> Here's an example report:
>
> https://security.dxw.com/plugins/pods-custom-content-types-and-fields/
>
> Grateful for a steer...
>
> Harry
>
>
> --
> Harry Metcalfe
> 07790 559 876
> @harrym
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list