Researchers at Sucuri are reporting that the WP Mobile Detector plugin has been patched for an arbitrary file upload vulnerability that is being actively exploited in the wild. The plugin, which was temporarily removed from the WordPress Plugin Directory, had more than 10,000 active installs before the exploits began. According to Sucuri, the majority of…
The Jetpack team launched developer.jetpack.com this week, a searchable code reference for actions, filters, and features found in the plugin. Although Jetpack is developed to be highly extensible, up until now there was no centralized place for developers to find documentation. The reference features new hooks added in the most recent version and can also…
Do you notice anything different about the Tavern’s URL? We recently enabled SSL on the site. Although the transition from HTTP to HTTPS was relatively smooth, we encountered a few issues. Postmatic Thought The Tavern Disappeared Soon after making the switch, we received error notices from Postmatic when trying to moderate comments via email. Because…
WordPress for Android version 5.4 was released this week with a couple of exciting new features and the eagerly anticipated new visual editor. The editor received a complete rewrite to use WebView, which allows the app to render and edit HTML via ContentEditable. The app’s developers had to work around a few bugs with WebView…
In this episode of WordPress Weekly, Marcus Couch and I discuss the news that’s made headlines in recent weeks, including WordPress’ birthday as the project turns 13 years old. We discuss the gesture of good will from Syed Balkhi donating the WP.org domain to the WordPress Foundation. Last but not least, I share some of…
UpThemes co-founder Chris Wallace announced this week that the theme company has been acquired by Andy Wilkerson of Parallelus, a successful Themeforest author. The two met at PressNomics and worked out a deal for the sale of everything related to UpThemes, including some unreleased themes and the managed hosting business the company launched last year.…
If you’ve ever clicked on a URL to WP.org and ended up on WPBeginner.com within the past two years, you’re not alone. It routinely happens on discussion forums like the Advanced WordPress Facebook group and Twitter where referencing WP.org turns into a link to WPBeginner.com. A great example occurred in 2015 when Antti Kuosmanen tweeted…
The WordPress Theme Directory will soon be rolling out new and updated tags for filtering the 3,800+ free themes hosted there. After a year of discussion and preparation of core and meta trac tickets, the Theme Review team finalized its proposal for overhauling the tags. Theme authors are now encouraged to update their themes to…
WordCamp Europe 2016 is sold out as of last week. With 2200 people expected to attend, it will be the largest WordPress event in history. Attendees representing 68 different countries will gather in Vienna for two days of sessions and networking on June 24-25th. Those unable to attend the event can now sign up for…
After receiving 182 applications from cities all over the world, the WordPress Community Team has selected three locations for the WordCamp Incubator program: Denpasar, Indonesia Harare, Zimbabwe Medellín, Colombia Representatives from the thirteen other short-listed locations are encouraged to organize a local WordPress meetup and will have the help of Community Team mentors as needed.…
Jetpack 4.0.3 is a security release that contains an important fix for a critical vulnerability that has been present in the plugin since version 2.0, released in 2012. According to Jetpack team member Sam Hotchkiss, a stored XSS vulnerability was found in the way that some Jetpack shortcodes are processed, which allows an attacker to…
There’s a lot of great WordPress content published in the community but not all of it is featured on the Tavern. This post is an assortment of items related to WordPress that caught my eye but didn’t make it into a full post. Chris Lema Launches Beyond Good Chris Lema has launched a new site…
In early 2015, the WordPress.org Meta team redesigned the WordPress plugin directory and added a number of new features. In an effort to iterate on the page’s layout, the Meta Team has published prototypes of a new design for the plugin directory’s home and search results pages. The prototypes are inspired by Get WordPress, a…
In this episode, Marcus Couch and I are joined by James Giroux, Envato’s WordPress evangelist. We discuss a number of topics including what he’s accomplished since taking over the position in January, the item support policy change, and author driven pricing. We also find out what his favorite part of the job is and what…
BuddyPress core developer Hugo Ashmore announced a new trial initiative this week that aims to create a library of CSS and JavaScript snippets to help users customize their communities. The Style Modules project will aggregate community-submitted code that enhances BuddyPress components in a plug-and-play manner. Developers who want to contribute to the project can submit…