WordPress core contributor Alex Shiels has published a proposal for a WordPress.org block directory that would host JavaScript-based, single block plugins. The directory would make blocks searchable and installable from within the Gutenberg editor. Building a directory for discovering blocks and seamlessly installing them is one of the nine projects that Matt Mullenweg identified as…
Freemius, a monetization, analytics, and marketing library for WordPress plugin and theme developers, patched an authenticated option update vulnerability in its wordpress-sdk four days ago. The library is included with many popular plugins, such as NextGEN Gallery (1,000,000+ installs), 404 – 301 (100,000+ installs), WP Security Audit Log (80,000+ installs), and FooGallery (100,000 installs+). Freemius…
WordPress 5.1 has been downloaded more than 3.6 million times since its release last week and work on 5.2 is now underway. The upcoming release will be led by Matt Mullenweg with Josepha Haden acting as Release Coordinator. Gary Pendergast posted a proposed scope and schedule that would have 5.2 arriving April 23, 2019. One…
Wapuu Dashboard Pet is a new plugin from Kayleigh Thorpe and the team at WordPress hosting company 34SP.com. It is essentially a WordPress Tamagotchi, or digital pet, that resides in your dashboard and monitors the health of the site. The plugin checks to make sure WordPress has been updated (plugins, themes, and core) and backups…
Bootstrap has released versions 4.3.1 and 3.4.1 to patch an XSS vulnerability (CVE-2019-8331) that was reported to the Bootstrap Drupal project by a developer and then responsibly disclosed to the Bootstrap development team. The vulnerability specifically affects usage of the tooltip and popover features: Earlier this week a developer reported an XSS issue similar to…
WPBrigade, the developers behind the Simple Social Buttons plugin, have patched a critical privilege escalation vulnerability. The security issue was discovered by the team at WebARX. Developer and researcher Luka Å ikić summarized the vulnerability in a post published this week: Improper application design flow, chained with lack of permission check resulted in privilege escalation and…
Ultimate Blocks, one of the many Gutenberg block collections that have sprouted up, launched before WordPress 5.0 with eight blocks. The collection has since doubled in size, adding features like accordions, social sharing buttons, tabbed content, a progress bar, and star-ratings. Many block collections are loosely organized around serving a specific user demographic. This one…
Over the weekend, many WPML customers received an unauthorized email from someone who claimed to have hacked the company’s website and gained access to customer emails. WPML founder Amir Helzer suspects that the attacker is a former employee. “The customer is an ex-employee who left an exploit on the server (not WPML plugin) before leaving.…
On Saturday, January 19, WPML customers started reporting having received an email from someone who seems to have hacked the plugin’s website and gained access to customer information. https://twitter.com/gytisrepecka/status/1086753453429481473 The hacker claims to be a disgruntled customer who had two websites hacked due to vulnerabilities in the WPML plugin: WPML came with a bunch of…
CoBlocks, one of the earliest block collections for Gutenberg, has added new page building blocks and tools in the latest 1.6 release. ThemeBeans founder Rich Tabor and plugin developer Jeffrey Carandang partnered together on this iteration of CoBlocks to bring users new Row and Columns blocks and a Typography Control Panel. The Row and Column…
If you visit the plugin directory, you will notice a new section at the top featuring block-enabled plugins. WordPress 5.0 has been downloaded more than 8 million times, just one week after its release, and users are looking for blocks to extend the new editing experience. WordPress.org is highlighting plugins to push the block ecosystem…
Version 1.0 of the official AMP plugin for WordPress was released on the eve of WordCamp US, after two years in development by contributors from Automattic, XWP, and Google. This first stable version has a massive changelog with 30 people credited for their contributions. The plugin is now considered ready for production and is active…
The new Gutenberg editor has basic support for galleries with a few nice features, such as the ability to set the number of columns and automatically crop thumbnails for a more uniform appearance. If you need more control over your galleries, Rich Tabor’s Block Gallery plugin is currently the best option made specifically for use…
WordPress 5.0 will ship with a code block in the new editor but it doesn’t include syntax highlighting. The code is currently wrapped in pre tags. During the earlier days of Gutenberg’s development, the HTML block had syntax highlighting but the team was not satisfied with its implementation and decided to pull it until they…
Jetpack 6.8 was released today, introducing the plugin’s first set of blocks for Gutenberg. The necessary infrastructure was added in version 6.6 and all existing features that touch the editor are in the process of being ported over to blocks. This release includes blocks for payment buttons, forms, maps, and markdown. The Contact Form module…