WooCommerce published an advisory about an XSS vulnerability while Wordfence simultaneously advised about a critical vulnerability in a WooCommerce plugin named Dokan Pro. The advisory about Dokan Pro warned that a SQL Injection vulnerability allows unauthenticated attackers to extract sensitive information from a website database. Dokan Pro WordPress Plugin The Dokan Pro plugin allows user … Read more
Automattic, the company behind WordPress.com, Jetpack, WooCommerce and more, have announced a new program to woo Agencies into their ecosystem of products with more ways to earn revenue. This new program could be seen as putting Automattic into direct competition with closed source systems like Wix and Duda but there are clear differences between all … Read more
Last month WordPress released a way to create or test WordPress sites on the desktop but the app was limited to Apple Mac devices. This month WordPress announces that WordPress Studio is now available for Microsoft Windows. According to WordPress, Microsoft Windows users account for over 25% of WordPress developers. But it’s possible that non-developers … Read more
Joost de Valk, the creator of Yoast SEO plugin, has created a new (and free) plugin for solving a site architecture problem that can silently diminish a website’s ability to rank. Site Architecture Site architecture is an important SEO factor because a well-organized website with clear navigation helps users quickly get to the content and … Read more
WP Rocket, the WordPress page speed performance plugin, just announced the release of a new version that will help publishers optimize for Largest Contentful Paint (LCP), an important Core Web Vitals metric. Large Contentful Paint (LCP) LCP is a page speed metric that’s designed to show how fast it takes for a user to perceive … Read more
WordPress has rolled out an update with version 6.5, introducing native support for the lastmod element in sitemaps. This move streamlines search engine crawl efficiency, potentially enhancing website visibility. The announcement comes from Gary Illyes, a member of Google’s Search Relations team, who took to LinkedIn to commend the WordPress developer community for their efforts. … Read more
Thankfully, there are plenty of steps you can take to protect your WordPress website. Easy WordPress Security Basics When setting up your WordPress site security, there are some basic things you can do to beef up your protection. Below, we will take a look at some of the first things you should do to help … Read more
WordPress announced the rollout of Studio by WordPress, a new local development tool that makes it easy for publishers to not just develop and update websites locally on their desktop or laptop but is also useful for learning how to use WordPress. Learn about Studio and other platforms that are make it easy to develop … Read more
WordPress security scanner WPScan’s 2024 WordPress vulnerability report calls attention to WordPress vulnerability trends and suggests the kinds of things website publishers (and SEOs) should be looking out for. Some of the key findings from the report were that just over 20% of vulnerabilities were rated as high or critical level threats, with medium severity … Read more
WordPress released an official plugin that adds support for a cutting edge technology called speculative loading that can help boost site performance and improve the user experience for site visitors. Speculative Loading Speculative loading is a technique that fetches pages or resources before a user clicks a link to navigate to another webpage. The official … Read more
WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same vulnerability affects both the WordPress core and the Gutenberg plugin. Cross Site Scripting (XSS) An XSS vulnerability was discovered in WordPress that could … Read more
The popular Beaver Builder WordPress Page Builder was found to contain an XSS vulnerability that can allow an attacker to inject scripts into the website that will run when a user visits a webpage. Beaver Builder Beaver Builder is a popular plugin that allows anyone to create a professional looking website using an easy to … Read more
WordPress security researchers at Patchstack published their annual State of WordPress Security whitepaper that showed an increase of high and critical severity vulnerabilities, highlighting the importance of security for all websites on the WordPress platform. XSS Is Top WordPress Vulnerability Of 2023 There are many kinds of vulnerabilities but the most common by far was … Read more
Researchers have issued advisories for eleven separate Elementor add-on plugins with 15 vulnerabilities that can make it possible for hackers to upload malicious files. One of them is rated as a high threat vulnerability because it can allow hackers to bypass access controls, execute scripts and obtain sensitive data. Two Different Kinds Of Vulnerabilities The … Read more
A widely used add-on plugin for a popular WordPress site builder installed an anti-piracy script that essentially unpublishes all posts. WordPress developers are livid, with some calling the script a malware, a backdoor, and a violation of laws. BricksUltimate Add-On For Bricks Builder Bricks site builder is a site building platform for WordPress that is … Read more
WordPress.com and Bluehost announced a new managed WordPress cloud hosting solution that offers optimized WordPress performance features unavailable to traditional shared, VPN and dedicated hosting environments. The new managed WordPress cloud service handles virtually all of the technical details for maintaining a fast and secure website with 100% uptime. Managed WordPress Hosting Managed WordPress hosting … Read more
The Cwicly WordPress website builder toolkit announced that they are shutting down by the end of the year and refunding all 2024 clients. The decision forced developers to halt current projects and begin the process of migrating client websites to other WordPress site builder platforms. It is an unexpected end to what was regarded as … Read more
Bricks Visual Site Builder for WordPress recently patched a critical severity vulnerability rated 9.8/10 which is actively being exploited right now. Bricks Builder Bricks Builder is a popular WordPress development theme that makes it easy to create attractive and fast performing websites in hours that would costs up to $20,000 of development time to do … Read more
