Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 79 vulnerabilities disclosed in 64 WordPress Plugins and no WordPress themes Continue reading Wordfence Intelligence Weekly WordPress Vulnerability Report (October 30, 2023 to November 5, 2023)
In this issue of Delicious Brain Bytes, we take a look at what’s coming in WordPress 6.4, awards that honor the best in WordPress and awards that honor the ability to cough up $20, why LLM prompts sometimes work best Continue reading Delicious Brain Bytes: WordPress 6.4, Awards Season, and the Future of Yelling at Your Computer
The web as we know it simply wouldn’t exist without our old friend Hypertext Transfer Protocol (HTTP). The latest iteration, HTTP/3, promises to revolutionize the way we interact with the web. In this article, we’ll delve into the differences between Continue reading Is HTTP/3 the Future of the Web?
Bun is an all-in-one JavaScript runtime and toolkit created with the explicit goals of serving as a drop-in replacement for Node.js, eliminating separate layers of tooling, and speeding up the development experience. In this article, we’ll look at how Bun Continue reading A Short Guide to Using Bun
This year, GreenGeeks is noted as a sponsor for WordPress Accessibility Day. This event starts on the 27th of September and is a 24-hour global event. That means you can attend the live talks regardless of what time zone in Continue reading WordPress Accessibility Day, September 2023
On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later Continue reading Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks
In this issue of Delicious Brain Bytes, we look into contentious methods for measuring productivity in software development, new releases from ACF, WP Migrate, WP Offload SES, and WP Offload Media, the final results from the first-ever ACF user survey, Continue reading Delicious Brain Bytes: Measuring Developer Productivity, New Releases, ACF Survey Results, and the State of WordPress Dev Tools
There’s a pretty good chance that CSS is one of the most consistently used tools in your kit. It’s highly familiar and often used, so much so that it’s easy to overlook the fact that CSS is always advancing, with Continue reading Catching Up on CSS Features
After eight years of general availability, no one can say MySQL 5.7 didn’t have a good run. MySQL 5.7 officially reaches its End of Life (EOL) in October 2023. The good news is that MySQL 8.0 offers enhanced security, potential Continue reading What MySQL 5.7 EOL Means for WordPress Developers
Last week, there were 29 vulnerabilities disclosed in 24 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 18 Vulnerability Researchers that contributed to WordPress Security last week. Review those Continue reading Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023)
When WP Engine acquired and open-sourced Frost—the block-based Full Site Editing theme—in 2021, one of our core objectives was to enable its widespread distribution to an expanding user base. By doing so, we aimed to help WordPress builders familiarize themselves Continue reading Building With Modern WordPress, Locally
Code review is an integral part of the development cycle, with a direct impact on quality. Whether you’re focused on web, plugin, or theme development, thorough code review can help you improve your final product. In this article, we look Continue reading Getting the Best Results From WordPress Code Reviews
Alongside our usual work to discover, report, and remediate vulnerabilities in the WordPress ecosystem, the WordPress Threat Intelligence team has been conducting a deep-dive into WordPress plugin code with the objective of finding methods to bypass authentication and gain elevated Continue reading Critical Security Update: Directorist WordPress Plugin Patches Two High-risk Vulnerabilities
As promised in a previous post, 2FA for WordPress.org accounts is now ready to test as an opt-in feature. Note: this feature is for logging in to the WordPress.org web site itself; it does not affect your personal WordPress If Continue reading Two-Factor Auth available to test on WordPress.org
This post does not constitute a final decision, but is a proposal on wording, and call for input on, a suggested stance from the WordPress.org support community on how AI-generated resources or replies can and should be used across the Continue reading Suggested stance on the use of AI-tooling
I would like to approve translation for our plugin(s). Please add the following WordPress.org users as translation editors for their respective locales: Name : Essential Addons for Elementor URL : https://wordpress.org/plugins/essential-addons-for-elementor-lite/ ShareTweetSharePostSharePin It!
I would like to approve translation for our plugin(s). Please add the following WordPress.org users as translation editors for their respective locales: Name : Elementor Website Builder – More than Just a Page Builder URL : https://wordpress.org/plugins/elementor/ ShareTweetSharePostSharePin It!
PTE Request for Syrus I am the theme author for Syrus. We have a number of great translation editors that we’d like to be able to approve translation for our theme. I’d also like to become a PTE for our Continue reading PTE Request for Syrus I…
openverse Merged PRs #2194: Remove focused playwright test so all tests run; fix broken tests ShareTweetSharePostSharePin It!
I’ve suggested translations for this 360notify and would like to have them reviewed. I’d also like to become a PTE. I also confirm that I’ve read the style guide and/or glossary for the persian locale. Name: 360notify URL: https://wordpress.org/plugins/360notify ShareTweetSharePostSharePin Continue reading PTE Request for 360notify