BackupBuddy, a commercial plugin from iThemes that performs scheduled backups with remote storage options, has patched a vulnerability that allowed for arbitrary file download by unauthenticated users. iThemes published an advisory for its users, indicating that the vulnerability affects versions 8.5.8.0 through 8.7.4.1 and is being actively exploited. Wordfence reviewed its data and found that…
WordPress’ Security Team announced it will be dropping support for versions 3.7 through 4.0 on December 1, 2022. To give some context for how old these versions are, in 2013, WordPress 3.7 introduced automatic background updates and 3.8 updated the admin with a new design based on the MP6 plugin. WordPress’ official policy is that…
During last week’s Editor chat meeting, Automattic-sponsored Gutenberg contributor Andrei Draganescu reported that he is “slowly but definitely going to introduce distraction free mode,” a project he has been working on since early explorations began in February. The PR he referenced (#41740) is an extension of those explorations that takes the mode even further towards the…
Wouldn’t it be convenient to select a sentence or paragraph and instantly wrap it with quotes by tapping on the quote key? This is a fun little feature that was tucked into the Gutenberg 13.9 changelog last month with very little fanfare: Rich text: Add character shortcuts for wrapping selection. (42469) The new shortcut is…
WP Super Cache, one of the oldest and most widely used static caching plugins for WordPress, is changing hands. After 15 years, the plugin’s author, Donncha Ó Caoimh, is handing over maintenance and development to Jetpack’s performance team. If you have been building WordPress sites since the early days, you are almost guaranteed to have…
Yesterday, we published allegations from Gijo Varghese against UpdraftPlus, the makers of WP-Optimize. Varghese is founder of FlyingProxy, a competing company, and identifies himself as a “performance enthusiast.” He accused the plugin of “cheating Pagespeed and other tools” by hiding JavaScript files from loading when users test their sites through popular performance testing tools. The…
Gijo Varghese, a developer who calls himself a “web performance enthusiast,” shocked WordPress users around the world over the weekend when he tweeted a screenshot of how WP-Optimize is allegedly preventing select JavaScript files from loading when users test their sites through popular performance testing tools. “When a site is loaded, the JavaScript files are…
Block themes are expanding to include more niches beyond the simple one-column blogging themes, and Catch Themes is one of the companies at the forefront of this new frontier. Pentatonic, the company’s latest release on WordPress.org, is a free theme created for band and musicians. The theme uses core blocks to create sections that showcase…
Automattic-sponsored designer James Koster has a vision for taking WordPress’ Site Editor from its beta awkwardness and transforming it to become a more visual and user-friendly design tool. In a recent post titled Revising the presentation of key Site Editor features, Koster identifies unbalanced feature weighting as a critical design flaw that is negatively impacting users’…
Last week Performance team contributors were working on refining their follow-up patches for the multi-mime/WebP feature, after the main work for it was merged into core for 6.1 at the end of July. This includes smaller related items like the shim for non-supporting browsers and adding PDF support, which are being handled in separate tickets.…
In the days before Gutenberg, the maturity of the WordPress theme ecosystem offered a diverse selection of dozens of well-known starter themes where developers were likely to find one that suited their individual preferences or could easily be modified. Theme authors have frequently asked if there is a good starter theme for building block themes,…
WooCommerce.com is bringing back a feature that made it possible for customers to test extensions in a sandbox environment before purchasing them. Select extensions can be loaded up on a private test site for 30 days before the site self-destructs. Although WooCommerce.com already offers a 30 day money back guarantee if users are unhappy with…
In July, WordPress’ Themes and Meta teams collaborated to add a new “Block Themes” menu item to the filter menu on the directory homepage in an effort to improve block themes’ visibility. Block themes currently account for less than 2% of the directory’s 9,900 themes but activating one is the only way users can take advantage…
In celebration of World Photography Day, WordPress’ Photo Directory team has issued a challenge designed to get people contributing: Submit a photo that captures something unique about your local area, in a way that helps represent the geographic diversity of the WordPress community. Since its launch, the WordPress Photo Directory has grown to 3,633 free,…
YITH, a WooCommerce plugin development company that was acquired by Newfold Digital in March 2022, has released its first block theme on WordPress.org. YITH Wonder is now listed among 122 other block themes that support full-site editing and have recently gained their own menu link in the directory to improve their visibility. YITH Wonder includes…