Sarah Gooding

  • WordPress 6.2.1 Update Breaks Shortcode Support in Block Templates

    WordPress 6.2.1 Update Breaks Shortcode Support in Block Templates

    WordPress 6.2.1 was released yesterday and rolled out to sites with automatic background updates enabled. The update included five important security fixes. Ordinarily, a maintenance and security release can be trusted not to break a website, but many users are struggling after 6.2.1 removed shortcode support from block templates. A support forum thread tracking the…

  • WordPress 6.2.1 Released with Fixes for 5 Security Vulnerabilities

    WordPress 6.2.1 Released with Fixes for 5 Security Vulnerabilities

    WordPress 6.2.1 was released today. Those with automatic background updates enabled should see a notice in their email, as updates rolled out earlier today. This is a maintenance and security release that includes important fixes for five security vulnerabilities outlined by core contributor and release co-lead Jb Audras: The patches were backported to WordPress 4.1.…

  • New Proposal Looks to Retire Older WordPress Default Themes

    New Proposal Looks to Retire Older WordPress Default Themes

    WordPress is approaching its 20th anniversary, and for the majority of those years, contributors have cranked out a new default theme. Even though the structure and supported features of default themes have drastically changed over the years, contributors are still actively maintaining all 13 of the “Twenty” themes. A new proposal on WordPress.org recommends winding…

  • ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement

    ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement

    On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 million users. WP Engine patched the vulnerability on May 4, but the Akamai Security Intelligence Group (SIG)  is reporting that attackers began attempting to exploit it within 24…

  • Themeum Acquires Kirki Customizer Framework Plugin

    Themeum Acquires Kirki Customizer Framework Plugin

    Themeum, a WordPress theme and plugin company founded in 2013, has acquired the Kirki Customizer Framework plugin from its former developer, David Vongries. In April 2023, Vongries announced he was sunsetting the product and discontinuing development. He put the plugin up for sale for $30K and sold it for just under the asking price. “I met the…

  • ACF Launches New Annual Survey

    ACF Launches New Annual Survey

    WP Engine has launched an annual survey for Advanced Custom Fields (ACF), one of the plugins it acquired from Delicious Brains in 2022. ACF reports more than 4.5 million active users, including PRO site installs, and WP Engine Product Manager Iain Poulson reports that the plugin is “growing in every way since the acquisition.” ACF…

  • Essential Addons for Elementor Patches Critical Privilege Escalation Vulnerability

    Essential Addons for Elementor Patches Critical Privilege Escalation Vulnerability

    Essential Addons for Elementor, a plugin with more than a million active installs, has patched an unauthenticated privilege escalation vulnerability in version 5.7.2. The vulnerability was discovered on May 8, 2023, and reported by Patchstack researcher Rafie Muhammad. It was given a 9.8 (Critical severity) CVSS 3.1 score and is not yet known to have been…

  • MasterWP Launches 2023 WordCamp US Travel Program with $10K in Grants for Underrepresented Speaker Groups

    MasterWP Launches 2023 WordCamp US Travel Program with $10K in Grants for Underrepresented Speaker Groups

    WordCamp US 2023, which is being held August 23-25 in National Harbor, has opened its call for speaker applications. If financial considerations are preventing anyone from applying, there are scholarships and grants available to help cover travel expenses. WCUS is now accepting applications for the Kim Parsell Memorial Scholarship for travel. This particular scholarship applies…

  • WP Engine Releases Frost, A Free Block Theme for Website Builders

    WP Engine Releases Frost, A Free Block Theme for Website Builders

    The WordPress Themes Directory is now hosting more than 300 block themes, a milestone for the dedicated theme developers who have persevered through the growing pains and evolution of block theming. WP Engine is one of the newest theme authors who helped put the directory over the 300 mark with its submission of Frost. With…

  • WooCommerce 7.7.0 Brings Multichannel Marketing Out of Beta

    WooCommerce 7.7.0 Brings Multichannel Marketing Out of Beta

    WooCommerce 7.7.0 was released this week with Multichannel Marketing now out of beta. This is the first thing store owners see when they visit the Marketing page in the dashboard. It allows users to connect additional sales channels, such as Google, Amazon, and eBay, and automatically manage inventory across storefronts. This addition makes WooCommerce more…

  • WordPress Community Team Evolves WordCamp Format to Promote Adoption, Training, and Networking for Professionals

    WordPress Community Team Evolves WordCamp Format to Promote Adoption, Training, and Networking for Professionals

    WordPress’ Community Team hailed a new era of WordCamps in its recent announcement outlining a significant shift in the purpose for the events. In the past, WordCamps have had a mostly predictable format of presenting inspirational talks on exciting things people are doing with WordPress, business topics, and the latest trends, with short networking opportunities…

  • WordPress Contributors Discuss How Core Can Better Enable AI Innovation

    WordPress Contributors Discuss How Core Can Better Enable AI Innovation

    As AI-powered technology is rapidly evolving to exponentially extend human capabilities, WordPress contributors do not want the platform to get left behind. AI-powered website creation could even become a threat to its existence, more than a competing CMS, if WordPress doesn’t ensure the platform is easily pluggable for AI-powered extensions. A new discussion on the…

  • Advanced Custom Fields Plugin Patches Reflected XSS Vulnerability

    Advanced Custom Fields Plugin Patches Reflected XSS Vulnerability

    Advanced Custom Fields (ACF) has patched a reflected XSS vulnerability that affects versions 6.1.5 and below of ACF and ACF Pro, potentially impacting more than 2+ million users. It was discovered by Patchstack researcher Rafie Muhammad in May 2, 2023, and patched by ACF developers in version 6.1.6 on May 4, 2023. Patchstack published a security…

  • Gutenberg 15.7 Adds Site Logo Upload to Inspector Controls

    Gutenberg 15.7 Adds Site Logo Upload to Inspector Controls

    Gutenberg 15.7 was released this week, adding Site Logo upload and replacement from the inspector controls sidebar. This feature is still available in the block toolbar but it feels like a natural addition to the inspector, as it was previously available in a similar fashion in the Customizer. Here users can easily adjust the logo…

  • Caseproof Acquires WishList Member

    Caseproof Acquires WishList Member

    Caseproof, makers of MemberPress, has acquired WishList Products, the parent company of WishList Member and CourseCure. The Wishlist team, with the exception of co-founder Tracy Childers, will continue supporting and developing the products under the leadership of Caseproof founder Blair Williams. WishList Member is one of the longest running WordPress membership plugins with a 14-year…