WordPress’ admin is on deck for a long-awaited makeover after Gutenberg lead architect Matías Ventura published plans for a revamped admin design as part of the Phase 3: Collaboration road map. “As WordPress turns twenty years old, the overall aim of this work is to improve upon this experience at a foundational design level, giving…
All-In-One Security (AIOS), a plugin active on more than a million WordPress sites, was found to be logging plaintext passwords from login attempts in the database and has patched the security issue in version 5.2.0. In a post titled “Cleartext passwords written to aiowps_audit_log” published to the plugin’s support forum two weeks and five days…
WordPress’ Community Team kicked off its experimental mentorship program this week, announcing that the inaugural cohort has been assigned to a group of mentors who will guide them forward on project contribution across various teams. “Our mentors offer 1:1 support to each contributor in our cohort,” Automattic-sponsored Community Team contributor Hari Shanker R said. “These…
The State of Digital Publishing, a startup market research publisher focused on digital media, is hosting an online event called WordPress Publishers Performance Summit (WPPS) on July 27, starting at 2PM EST. The organization’s mission is to help publishers develop sustainable business models through education, guides, online courses, and other resources. They have partnered with…
WordPress 6.3 will make site editing several clicks faster for users who are moving from the frontend to edit the corresponding template. When you click the “Edit Site” link in the admin bar from a category page, for example, you currently get dumped out into the Site Editor on the home page. From here it’s…
Snicco, a WordPress security services provider, has published an advisory on a vulnerability in the MalCare plugin, which is active on more than 300,000 sites. “MalCare uses broken cryptography to authenticate API requests from its remote servers to connected WordPress sites,” WordPress security researcher Calvin Alkan said. “Requests are authentication by comparing a shared secret stored…
WordPress 6.3 is scheduled to be released one month from today on August 8, 2023. The live product demo date and time has now been set for Thursday, July 20, at at 16:00 UTC. Participants can join live via this Zoom link. Automattic-sponsored Gutenberg contributors Anne McCarthy and Rich Tabor will be hosting the event, moderated by Nathan…
In a series of four posts, Gutenberg lead architect Matías Ventura has outlined the project’s phase 3 plans for Real-Time Collaboration, Workflows, Revisions, and the Media Library. WordPress 6.3 is set to be the final major release of Phase 2, which focused on Customization. Phase 3 will shift focus from the editors and move into…
Hey is a block theme designed by Automattic for users on WordPress.com and also released for free in the WordPress.org Themes Directory. It’s the kind of simple theme that enables you to quickly get started writing online, without having to configure a bunch of design elements. The homepage features a profile image (Site Logo), site…
WordPress is officially dropping support for PHP 5 in the upcoming 6.3 release, which is expected on August 8. WordPress’ minimum supported version has sat at PHP 5.6.20 since 2019, but will be updated to 7.0.0 in the next release. The recommended PHP version will stay the same at 7.4+. “The minimum supported version was last…
WordPress contributors are onto another round of testing, as 6.3 Beta 3 was released this week. RC 1 is expected on July 18, and a live product demo is anticipated to be broadcast on Thursday, July 20, 2023 at 16:00 UTC. These demos have become a more regular part of the release process and allow…
WordCamp Dhaka (Bangladesh) 2023 has been cancelled by The WordPress Community Team due to concerns of corporate influence on the community decision-making process. The camp was scheduled for August 5, and organizers had already secured a venue and progressed on moving the camp forward. The Community Team published a statement on the event’s website, which…
Authors of the Ultimate Member plugin have released version 2.6.7 with a patch for a privilege escalation vulnerability. Last week WPScan reported that Ultimate Member had still not fully patched the vulnerability after multiple inadequate attempts. There was evidence that it was being actively exploited in the wild. Working through the complexities of this security…
Enter your email address to subscribe to this blog and receive notifications of new posts by email.