WPBrigade, the developers behind the Simple Social Buttons plugin, have patched a critical privilege escalation vulnerability. The security issue was discovered by the team at WebARX. Developer and researcher Luka Šikić summarized the vulnerability in a post published this week: Improper application design flow, chained with lack of permission check (more…)
Ultimate Blocks, one of the many Gutenberg block collections that have sprouted up, launched before WordPress 5.0 with eight blocks. The collection has since doubled in size, adding features like accordions, social sharing buttons, tabbed content, a progress bar, and star-ratings. Many block collections are loosely organized around serving a (more…)
Over the weekend, many WPML customers received an unauthorized email from someone who claimed to have hacked the company’s website and gained access to customer emails. WPML founder Amir Helzer suspects that the attacker is a former employee. “The customer is an ex-employee who left an exploit on the server (more…)
On Saturday, January 19, WPML customers started reporting having received an email from someone who seems to have hacked the plugin’s website and gained access to customer information. Got same mail and there is this text on #wpml website visible now. What happened guys? #security #hack #vulnerability #0day or something? (more…)
CoBlocks, one of the earliest block collections for Gutenberg, has added new page building blocks and tools in the latest 1.6 release. ThemeBeans founder Rich Tabor and plugin developer Jeffrey Carandang partnered together on this iteration of CoBlocks to bring users new Row and Columns blocks and a Typography Control (more…)
If you visit the plugin directory, you will notice a new section at the top featuring block-enabled plugins. WordPress 5.0 has been downloaded more than 8 million times, just one week after its release, and users are looking for blocks to extend the new editing experience. WordPress.org is highlighting plugins (more…)
Version 1.0 of the official AMP plugin for WordPress was released on the eve of WordCamp US, after two years in development by contributors from Automattic, XWP, and Google. This first stable version has a massive changelog with 30 people credited for their contributions. The plugin is now considered ready (more…)
The new Gutenberg editor has basic support for galleries with a few nice features, such as the ability to set the number of columns and automatically crop thumbnails for a more uniform appearance. If you need more control over your galleries, Rich Tabor’s Block Gallery plugin is currently the best (more…)
WordPress 5.0 will ship with a code block in the new editor but it doesn’t include syntax highlighting. The code is currently wrapped in pre tags. During the earlier days of Gutenberg’s development, the HTML block had syntax highlighting but the team was not satisfied with its implementation and decided (more…)
Jetpack 6.8 was released today, introducing the plugin’s first set of blocks for Gutenberg. The necessary infrastructure was added in version 6.6 and all existing features that touch the editor are in the process of being ported over to blocks. This release includes blocks for payment buttons, forms, maps, and (more…)
Block Lab is a new tool that provides an admin interface and a templating system for creating custom Gutenberg blocks. Rob Stinson, Luke Carbis, and Rheinard Korf, all employees at XWP, kicked off the project in their own time with the goal of removing the relatively steep barrier to block (more…)
If you’re a NextGEN Gallery plugin user and have been wondering about Gutenberg compatibility, Imagely CEO Erick Danzer announced today that the plugin will ship a gallery block in a release planed for next week. The plugin is currently used on nearly a million WordPress sites (900,000+ active installs). NextGEN (more…)