GDPR compliance is an important consideration for all WordPress websites. The GDPR Compliance team is looking for help to test the privacy tools that are currently being developed in core.

What is GDPR?

GDPR stands for General Data Protection Regulation and is intended to strengthen and unify data protection for all individuals within the European Union. Its primary aim is to give control back to the EU residents over their personal data.

Why the urgency? Although the GDPR was introduced two years ago, it becomes  enforceable starting May 25, 2018.

Make WordPress GDPR Compliance Team

Currently, the GDPR Compliance Team understands that helping WordPress-based sites become compliant is a large and ongoing task. The team is focusing on creating a comprehensive core policy, plugin guidelines, privacy tools and documentation. All of this requires your help.

The GDPR Compliance Team is focusing on four main areas:

  • Add functionality to assist site owners in creating comprehensive privacy policies for their websites.
  • Create guidelines for plugins to become GDPR ready.
  • Add administration tools to facilitate compliance and encourage user privacy in general.
  • Add documentation to educate site owners on privacy, the main GDPR compliance requirements, and on how to use the new privacy tools.

Don’t we already have a privacy policy?

Yes and no. That said, The GDPR puts tighter guidelines and restrictions. Though we have many plugins that create privacy pages, we need means to generate a unified, comprehensive privacy policy. We will need tools for users to easily come into compliance.

Site owners will be able to create GDPR compliant privacy policy in three steps:

  1. Adding a dedicated page for the policy.
  2. Adding privacy information from plugins.
  3. Reviewing and publishing the policy.

A new “postbox” will be added to the Edit Page screen when editing the policy. All plugins that collect or store user data will be able to add privacy information there. In addition it will alert the site owners when any privacy information changes after a plugin is activated, deactivated, or updated.

There is a new functionality to confirm user requests by email address. It is intended for site owners to be able to verify requests from users for displaying, downloading, or anonymizing of personal data.

A new “Privacy” page is added under the “Tools” menu. It will display new, confirmed requests from users, as well as already fulfilled requests. It will also contain the tools for exporting and anonymizing of personal data and for requesting email confirmation to avoid abuse attempts.

New section on privacy will be added to the Plugin Handbook. It will contain some general information on user privacy, what a plugin should do to be compliant, and also tips and examples on how to use the new privacy related functionality in WordPress.

The new privacy tools are scheduled for release at the end of April or beginning of May 2018.

Αυτή η αναβάθμιση διορθώνει 28 bugs της έκδοσης 4.9 συμπεριλαμβανομένου διορθώσεις για το κομμάτι της προσαρμογής, την βιβλιοθήκη πολυμέσων, ειδοποιήσεις λαθών και κάποιες ρυθμίσεις ασφαλείας.

Η έκδοση 4.9.4 και αυτές πιο πριν είχαν τρία θέματα ασφαλείας τα οποία διορθώθηκαν με την έκδοση 4.9.5. Τα λάθη είναι τα παρακάτω:

 

  • Switch to `wp_safe_redirect()` when redirecting the login page when SSL is forced
  • Escape HTML returned from `get_the_generator()`
  • Disallow localhost in `wp_http_validate_url()`

Περισσότερα εδώ.

Αυτή η έκδοση διορθώνει ένα σοβαρό bug της έκδοσης 4.9.3, το οποίο προκαλεί πρόβλημα στην αυτόματη λειτουργία αναβάθμισης που έχουν μερικές ιστοσελίδες. Για αυτό τον λόγο χρειάζεται χειροκίνητη ενημέρωση.

Για περισσότερες πληροφορίες πατήστε εδώ.

 

Η έκδοση 4.9.3 διορθώνει 34 bugs στης βασικής έκδοσης 4.9, συμπεριλαμβανομένου των widgets, visual editor, και την συμβατότητα της PHP 7.2.

Για περισσότερα δείτε εδώ.