While on stage at WordCamp Europe answering a question related to WordPress’ security track record, Matt Mullenweg named Nikolay Bachiyski as the first Security Czar for the WordPress project. Announcement by @photomatt at #wceu: Nikolay Bachiyski (@nikolayb) is new Security Czar for http://t.co/ALFwuNTcoy — DeborahEdwards-Onoro (@redcrew) June 26, 2015 Bachiyski is employed by Automattic and has been a member of the WordPress community for more than 10 years. Over that time period, he’s established trust with a number of people in and outside of the WordPress ecosystem. The role allows Bachiyski to focus on communication and triage security reports. Mullenweg admitted on stage that there have been communication issues in the past. He didn’t specify any examples, but one that comes to mind is WordPress 4.2.1. In April 2015, security researcher Jouko Pynnönen, published details of a security vulnerability in WordPress hours before the team released a patch. He tried contacting the WordPress security team using a variety of channels, all of which came up empty. WordPress has refused all communication attempts about our ongoing security vulnerability cases since November 2014. We have
Share This