WordPress 2.7 released with easter egg

As I noted a few weeks ago, WordPress has had an obfuscated easter egg in it for some time.

Despite reporting this security defect / software engineering malpractice to two different WordPress folks (the author of the excellent WP development blog, and the security team’s e-mail), 2.7 was released with the easter egg. 

Hopefully, this will be resolved in a future release.

Published by vanderaj

Just another security geek

Join the Conversation


  1. I found a couple of other places where they’ve packed the JS.

    As far as I can tell, those examples are okay as they’re using it to compress the size of some externally provided libraries.

    Now that 2.7 is out, I might give it a good ol’ review whilst on Christmas holidays.

Leave a comment

Your email address will not be published. Required fields are marked *