Contact Form 7 has patched a critical file upload vulnerability in version 5.3.2, released today by plugin author Takayuki Miyoshi. The plugin is installed on more than five million WordPress sites. “An unrestricted file upload vulnerability has been found in Contact Form 7 5.3.1 and older versions,” Miyoshi said. “Utilizing this vulnerability, a form submitter…
All hands on deck. 2021 will be the year of the Site Editor. Anne McCarthy announced the official start of the Full-Site Editing (FSE) Outreach Program last Friday on the Make Core blog. The program is primarily geared toward end-users. With few channels for average users to communicate with the development team, this offers an…
Mapbox GL JS, formerly an open source JavaScript library for interactive, customizable vector maps, has adopted a proprietary license in its recent version 2 update: mapbox-gl-js is no longer under the 3-Clause BSD license. By upgrading to this release, you are agreeing to Mapbox terms of service. Refer to LICENSE.txt for the new licensing terms and details.…
Block-based themes are not complicated. Their structure is almost simple enough that developers are unlikely to need a tool to generate a blank theme. However, for those unfamiliar with how themes are built for the upcoming full-site editing (FSE) feature, a boilerplate is a good place to start. The Theme Experiments repository now has a…
WordPress.org has officially launched its new “Learn WordPress” platform, a free educational resource that includes courses, workshops, quizzes, lesson plans, and discussion groups. The material spans the spectrum of WordPress experience from beginners to advanced, and and allows users to learn asynchronously at their own pace. After a successful beta launch in August, the platform…
Two weeks ago, Ashan Jay released LifePress to the WordPress plugin directory. It is an interactive, front-end calendar for tracking past events — a journal of sorts. For a version 1.0 launch, it has enough features with just the right touch of simplicity to show promise. This is not Jay’s first rodeo when it comes…
Fast, a startup backed by Stripe, has just added WooCommerce support to its new Fast Checkout experience. The company was co-founded in March 2019, by Domm Holland and Allison Barr Allen, with investment from Stripe, Index Ventures, Susa Ventures, and Global Founders Capital. It has received $22.5M in funding to reduce the friction that remains…
Update some of the things. That was the goal that Jon Quach, a Principal Designer at Automattic, laid out in the roadmap for integrating the G2 Components project into Gutenberg and, eventually, core WordPress. The project is a reimagining of the pieces that make the block editor, a “from-scratch” overhaul of the component system. Updating…
BuddyPress 7.0.0 “Filippi” was released this week, following WordPress 5.6 to ensure compatibility. This version was named for Filippi’s Pizza Grotto in California. It requires WordPress 4.9+, but sites that are not using the block editor will miss out on many of the new features that make BuddyPress websites easier to customize. The first set of community…
On Tuesday of this week, Munir Kamal released version 2.4 of his EditorPlus plugin. Aside from a few bugs and making sure the plugin was compatible with WordPress 5.6, he added an icon selector for the Button block and SVG shape overlays for the Image block. This is on top of a new “Extend Core…
GitHub Universe, the company’s annual marquee product and community event, took place this week, bringing users a flurry of new features. Dark mode is now in public beta and can be activated under the Settings menu or set to follow system preferences. Discussions is a new feature that GitHub unveiled at its Satellite event in…
WordCamp US 2020, previously scheduled for October, was cancelled due to pandemic stress and online event fatigue. Organizers did not opt for running it as an online event, but Matt Mullenweg’s annual State of the Word address will be delivered virtually this year. It will be streamed on Facebook, YouTube, and Twitter on Thursday, Dec 17th, 2020 at…
WordPress 5.6 “Simone,” named in honor of American performer and civil rights activist Nina Simone, was released today and is now available for download. The release was led by an all-women release squad, a first in WordPress history. The new version includes many enhancements for the block editor, accessibility improvements, application password support for the…
Automattic has acquired MailPoet, a popular email marketing solution for WordPress, to give WooCommerce store owners more integrated email management capabilities in the admin. The plugin is used by more than 300,000 websites for everything from building a mailing list to managing transaction and abandoned cart emails. The nine-year old company is now a team…
Easy WP SMTP has patched a vulnerability that allows attackers to capture the password reset link from the plugin’s debug log file and gain unauthorized access to the site. The plugin is used by more than 500,000 WordPress sites to configure and send all outgoing emails via a SMTP server so they are less likely…
Enter your email address to subscribe to this blog and receive notifications of new posts by email.