Tumblr and WordPress Strike Deals to Sell Public User Data to AI Giants OpenAI and Midjourney

openai cgpt logo s diw 24

In recent news that may unsettle many Tumblr and WordPress enthusiasts, reports have emerged suggesting that these tech behemoths have entered into agreements with AI giants to monetize user data.

Understanding the Deals

In essence, this entails the tacit approval of user-generated content being utilized by machine learning algorithms for various purposes.

Implications of the Agreements

The revelation follows an initial disclosure by 404 Media regarding another impending deal aimed at providing additional data for AI learning models.

Internal Communications

While the specifics of the data involved remain unclear, indications point towards the parent company of these prominent platforms, widely utilized by content creators globally, nearing the culmination of such agreements.

Data Privacy Concerns

Internal communications purportedly shared by Tumblr indicate significant progress in this direction, including the transmission of data that was not intended to be part of the transaction.

Controversial Content

The content in question has sparked controversy, encompassing private articles from prominent public blogs, including those that have been deactivated or suspended. Additionally, unreplied queries and private responses, as well as open-topic discussions, have been implicated. Notably, content originating from other affiliated forums, previously under the ownership of Apple, has also been mentioned.

Engineering Response

Reports suggest that Automattic engineers have compiled lists containing post IDs earmarked for exclusion, yet the precise nature of the data shared with these AI entities remains undisclosed.

Company Silence

Amidst widespread speculation, both companies have maintained a veil of secrecy. However, recent statements indicate that public content submitted by WordPress and Tumblr may still be subject to utilization, disregarding user opt-out preferences.

READ  GoDaddy sponsors WordCamp Asia 2024, bringing together the WordPress community TradingView News

User Privacy Assurance

Automattic’s latest announcement appears consistent with prior reports, albeit couched in diplomatic language emphasizing community feedback as a priority.

Updates and Clarifications

Update: WordPress VIP Manager at Automattic assures customers that their data remains secure and is not shared as part of any negotiated arrangement. The company reaffirms its commitment to safeguarding customer privacy and refrains from sharing data without explicit consent.

Update 2: Automattic clarifies that they proactively block major AI platform crawlers by default, including those from leading tech companies, and continually update their lists to reflect emerging entities. WordPress.com and Tumblr offer features to prevent search engine indexing, ensuring content privacy. Similar protocols are enforced across both platforms to deter AI crawlers, with indexing prevention automatically activated where applicable. Notably, only public content hosted on WordPress.com and Tumblr from non-opted-out sites is shared

openai cgpt logo s diw 24

Vulnerability Details

WP Fastest Cache, designed to improve website performance by caching pages and enhancing user experience, was found to contain an SQL injection flaw. Tracked as CVE-2023-6063, this vulnerability has a severity score of 8.6.

Risk Assessment

SQL injection vulnerabilities allow attackers to manipulate SQL queries, granting unauthorized access to the website’s database. Given that WordPress databases often store sensitive information such as user data, account passwords, and configuration settings, the risk posed by this vulnerability is substantial.

Exploitation and Impact

Exploiting this vulnerability could lead to the exposure of confidential information stored within the website’s database. Additionally, attackers could potentially execute arbitrary SQL code, compromising the integrity and security of the affected websites.

READ  WordPress 6.2.2 Restores Shortcode Support in Block Templates, Fixes Security Issue - WP Tavern

Mitigation Measures

The developer of WP Fastest Cache has released a fix for the vulnerability in version 1.2.2. All users of the plugin are strongly advised to update to the latest version immediately to mitigate the risk of exploitation.


While the discovery of this vulnerability underscores the importance of regular security audits and timely software updates, it also highlights the ongoing challenges faced by website owners in maintaining the security of their online assets.

Additional Information

Download Statistics: WordPress.org statistics indicate that over 600,000 websites are still running vulnerable versions of the WP Fastest Cache plugin.

Leave a Reply

Your email address will not be published. Required fields are marked *