10up has published a Gutenberg Best Practices website as a public resource with tutorials, documentation, and example code. Maintaining current documentation has not been a strong point of the official Gutenberg project as the pace of the project makes it Continue reading 10up Publishes Gutenberg Best Practices Website
Making backups of WordPress websites is an important security measure, but it can also create security risks of its own. That too often comes in the form of security vulnerabilities that are in backup plugins, where even plugins with millions Continue reading Sectigo’s CodeGuard is Sharing the Files From Their Customers’ WordPress Websites With Third-Parties
Jetpack has announced changes to its Jetpack Social plugin that may impact publishers who frequently share across social media networks. Previously, users could share an unlimited number of posts automatically via their connected social media accounts. Jetpack is shuffling its Continue reading Jetpack Social Plugin Adds Paid Plan, Free Users Now Limited to 30 Shares per Month
WordPress auto-updates can be quite a divisive topic. When enabled, auto-updates can ensure that you get the latest updates as soon as they become available. This can help you mitigate certain risks, such as security holes, as fast as possible. Continue reading A look at WordPress auto updates statistics in 2022
For more than a decade, WordPress developers have been discussing how core can support plugins that require one or more other plugins in order to work. Having a standardized way of managing plugin dependencies would be a useful and time-saving Continue reading Plugin Dependencies Feature Plugin Now Ready for Testing
Last week we saw what appears to be a hacker probing for usage of the WordPress plugin BulletProof Security. That is, as you might guess based on the name, a security plugin. It has 40,000+ active installations according to wordpress.org Continue reading Amid Hacker Probing for WordPress Plugin BulletProof Security, New Vulnerability Discovered in It
WPZOOM is coming in strong with its first block theme approved for the WordPress Themes Directory. UniBlock is a beautifully designed theme that is well-suited for businesses and freelancers. The company plans to adopt the concept of full-site editing in Continue reading UniBlock: A Free Business Block Theme for WordPress
The poor treatment of WordPress plugin developers by those in control of WordPress has recently gotten attention because of an odd, largely unexplained, situation involving removing a chart showing the install growth of plugins on their WordPress Plugin Directory pages. Continue reading The “Mark Zahra” Problem That the WordPress Community Deals With
WordPress 6.1, scheduled for Novemember 2022, is packed with performance improvements some of which are said to be massive. This is what to expect. The post WordPress 6.1 Is Jam-Packed With Performance Upgrades appeared first on Search Engine Journal. ShareTweetSharePostSharePin Continue reading WordPress 6.1 Is Jam-Packed With Performance Upgrades via @sejournal, @martinibuster
Gutenberg 14.3 was released this week with drag-and-drop improvements for both the block editor and the site editor. Automattic-sponsored contributor Aaron Robertshaw published a video, illustrating how the block editor now supports dropping an image onto an empty paragraph block Continue reading Gutenberg 14.3 Improves Image Drag and Drop
Automattic’s WPScan recently claimed there was an admin+ arbitrary file access vulnerability in WPForms Lite. The entry claimed they had verified the vulnerability: [Read more] ShareTweetSharePostSharePin It!
The Shortcodes Ultimate plugin, used on more than 700,000 WordPress sites for creating things like tabs, buttons, and accordions, has patched a vulnerability in version 5.12.1. The plugin’s changelog simply says, “This update fixes a security vulnerability in the shortcode Continue reading Shortcodes Ultimate Plugin Patches CSRF Vulnerability in Version 5.12.1
In our monitoring of the WordPress Support Forum for discussions possibly discussing WordPress plugin vulnerabilities, we have recently been seeing a lot of topics involving vague claims coming from the WordPress security provider Wordfence, through their Wordfence Security plugin, that Continue reading Wordfence is Claiming That WordPress Plugin Has Vulnerability Despite Having No Idea if That is True
We are less than three weeks out from WordPress 6.1’s official release on November 1, 2022. RC 1 was released this week, marking the hard string freeze, which means 6.1 is ready to be translated. The features landing in this release Continue reading WordPress 6.1 RC 1 Released, Ready for Testing and Translation
How WordPress security companies market themselves and what they actually deliver are often far apart. Unfortunately, WordPress and security journalists are failing to provide critical coverage that would warn people about what is going on. As an example of what Continue reading Two Weeks On, Automattic’s WPScan and Patchstack Haven’t Warned About Vulnerability Impacting 600,000+ WordPress Websites
U.S. Government advisory warns of CSRF vulnerability in WordPress plugin Shortcodes Ultimate which is used by over 700,000 websites The post WordPress Vulnerability In Shortcodes Ultimate Impacts 700,000 Sites appeared first on Search Engine Journal. ShareTweetSharePostSharePin It!
WordPress plugin publishers begin supporting the new CAPTCHA alternative from Cloudflare but Contact Form 7, used by 5+ million, rejects it for one valid reason The post WordPress Plugins Begin Adopting Cloudflare CAPTCHA Alternative Turnstile appeared first on Search Engine Continue reading WordPress Plugins Begin Adopting Cloudflare CAPTCHA Alternative Turnstile via @sejournal, @martinibuster
The WordPress security provider Wordfence claims to engage in responsible disclosure of vulnerabilities: Wordfence has been performing successful vulnerability research and responsible disclosure for over a decade. [Read more] ShareTweetSharePostSharePin It!
WooSesh kicked off this week with a keynote session from WooCommerce CEO Paul Maiorana, who gave an overview of the current state of the ecosystem. More than 3.4 million websites use WooCommerce, according to Builtwith, including 25% of the top Continue reading Hosted WooCommerce Solution Coming to WordPress.com in 2023, Following Recent Launches from GoDaddy and Bluehost
Companies operating in the WordPress space have to deal with a problematic situation. While WordPress is promoted as an open source community, the head of WordPress, Matt Mullenweg, uses his various entities to exert control and influence over the community Continue reading Automattic’s Idea of Coopetition Involves Copying Data From Competitors Without Credit