WordPress is approaching its 20th anniversary, and for the majority of those years, contributors have cranked out a new default theme. Even though the structure and supported features of default themes have drastically changed over the years, contributors are still actively maintaining all 13 of the “Twenty” themes. A new proposal on WordPress.org recommends winding…
On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 million users. WP Engine patched the vulnerability on May 4, but the Akamai Security Intelligence Group (SIG) is reporting that attackers began attempting to exploit it within 24…
Themeum, a WordPress theme and plugin company founded in 2013, has acquired the Kirki Customizer Framework plugin from its former developer, David Vongries. In April 2023, Vongries announced he was sunsetting the product and discontinuing development. He put the plugin up for sale for $30K and sold it for just under the asking price. “I met the…
WP Engine has launched an annual survey for Advanced Custom Fields (ACF), one of the plugins it acquired from Delicious Brains in 2022. ACF reports more than 4.5 million active users, including PRO site installs, and WP Engine Product Manager Iain Poulson reports that the plugin is “growing in every way since the acquisition.” ACF…
Essential Addons for Elementor, a plugin with more than a million active installs, has patched an unauthenticated privilege escalation vulnerability in version 5.7.2. The vulnerability was discovered on May 8, 2023, and reported by Patchstack researcher Rafie Muhammad. It was given a 9.8 (Critical severity) CVSS 3.1 score and is not yet known to have been…
WordCamp US 2023, which is being held August 23-25 in National Harbor, has opened its call for speaker applications. If financial considerations are preventing anyone from applying, there are scholarships and grants available to help cover travel expenses. WCUS is now accepting applications for the Kim Parsell Memorial Scholarship for travel. This particular scholarship applies…
The WordPress Themes Directory is now hosting more than 300 block themes, a milestone for the dedicated theme developers who have persevered through the growing pains and evolution of block theming. WP Engine is one of the newest theme authors who helped put the directory over the 300 mark with its submission of Frost. With…
WooCommerce 7.7.0 was released this week with Multichannel Marketing now out of beta. This is the first thing store owners see when they visit the Marketing page in the dashboard. It allows users to connect additional sales channels, such as Google, Amazon, and eBay, and automatically manage inventory across storefronts. This addition makes WooCommerce more…
WordPress’ Community Team hailed a new era of WordCamps in its recent announcement outlining a significant shift in the purpose for the events. In the past, WordCamps have had a mostly predictable format of presenting inspirational talks on exciting things people are doing with WordPress, business topics, and the latest trends, with short networking opportunities…
As AI-powered technology is rapidly evolving to exponentially extend human capabilities, WordPress contributors do not want the platform to get left behind. AI-powered website creation could even become a threat to its existence, more than a competing CMS, if WordPress doesn’t ensure the platform is easily pluggable for AI-powered extensions. A new discussion on the…
Advanced Custom Fields (ACF) has patched a reflected XSS vulnerability that affects versions 6.1.5 and below of ACF and ACF Pro, potentially impacting more than 2+ million users. It was discovered by Patchstack researcher Rafie Muhammad in May 2, 2023, and patched by ACF developers in version 6.1.6 on May 4, 2023. Patchstack published a security…
Gutenberg 15.7 was released this week, adding Site Logo upload and replacement from the inspector controls sidebar. This feature is still available in the block toolbar but it feels like a natural addition to the inspector, as it was previously available in a similar fashion in the Customizer. Here users can easily adjust the logo…
Caseproof, makers of MemberPress, has acquired WishList Products, the parent company of WishList Member and CourseCure. The Wishlist team, with the exception of co-founder Tracy Childers, will continue supporting and developing the products under the leadership of Caseproof founder Blair Williams. WishList Member is one of the longest running WordPress membership plugins with a 14-year…
WordPress’ Themes Team has released a new block theme called Stacks as part of the Community Themes initiative proposed earlier this year. The goal is to bring together representatives of the team to build block themes year round, the same way that default themes are built and officially supported. Stacks was designed for one purpose…
WordPress’ Marketing team has launched a new campaign called “From Blogs to Blocks” in anticipation of the project’s upcoming 20th anniversary. The WordPress community is celebrating this major milestone through various activities and local meetups that are being held around the world throughout the month of May. “From Blogs to Blocks creates intentional moments for the…