It’s the time of year when we roll out delicious savings! We’re offering new customers big savings on the essential plugins trusted by top developers and agencies worldwide. Whether you’re trying to move a complex website, offload a massive media… Continue Reading →
This week I Share Do’s & Dont’s For BF/CM in 2025 [powerpress]
A WPProAtoZHost.com Company…. It’s Episode 660 and we have plugins for Posting Calendars while Monitoring Users Live, with some WordPress News. It’s all coming up on WordPress Plugins A-Z! The post Plugin Fever: Catch the WordPress Buzz with WPPlugins AtoZ!… Continue Reading →
This week I Talk About Getting A Coach For Your Business [powerpress]
100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in AI Engine WordPress Plugin
On October 4th, 2025, we received a submission for a Sensitive Information Exposure vulnerability in AI Engine, a WordPress plugin with more than 100,000 active installations. This vulnerability can be exploited by unauthenticated attackers to extract the bearer token and… Continue Reading →
On October 11th, 2025, we received a submission for an Account Takeover via Email Log Disclosure vulnerability in Post SMTP, a WordPress plugin with more than 400,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to view… Continue Reading →
I’m so happy to see this land and excited to see its progress! Great work.
In reply to Amber Hinds. It’s not bad, not at all, but a system like the one you propose could penalize a company or developer that has been delivering code without problems for years but that, in the latest update,… Continue Reading →
That’s a great move! When the PCP Checker was released, it helped us a lot in identifying and fixing issues across all the plugins we develop for WordPress and WooCommerce. We’d love to see even stricter security checks built into… Continue Reading →
On September 25th, 2025, we received a submission for a Privilege Escalation vulnerability in WP Freeio, a WordPress plugin bundled in the Freeio premium theme with more than 1,700 sales. This vulnerability makes it possible for an unauthenticated attacker to… Continue Reading →
I’d be interested in seeing public badges or data on plugin pages at some point that make this more transparent for users when comparing plugins. Even if it’s just flagging in the positive – something like X past releases with… Continue Reading →
As an important part of the internet, the WordPress community, actively thinks about the security of the ecosystem. Community members, developers, specialized companies, and independent researchers all play a role in maintaining the security of the environment. In the Plugins… Continue Reading →
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin. This malware exhibits advanced features including custom encryption methods, fake images used to conceal malicious payloads, a robust persistence… Continue Reading →
On October 3rd, 2025, we received a submission for an Arbitrary File Read vulnerability in Anti-Malware Security and Brute-Force Firewall, a WordPress plugin with more than 100,000 active installations. This vulnerability makes it possible for an authenticated attacker, with subscriber-level… Continue Reading →
A WPProAtoZHost.com Company…. I am Talking about unpopular ideas in WordPress today and I have a New Plugin review, some News tips, plugin extras and more all coming up on Plugin Pulse: WP Plugins A to Z Unplugged. The post… Continue Reading →
This week I Talk About Saying Yes, No, Maybe [powerpress]
Carousels are a design element that almost every site needs, whether it’s for products, testimonials, or client logos. In the past, Divi users often relied on third-party plugins or custom code to achieve their desired results. With Divi 5, that’s… Continue Reading →
A WPProAtoZHost.com Company…. It’s Episode 659 and we have plugins for Actively Logging with TweakMaster, and some WordPress News. It’s all coming up on WordPress Plugins A-Z! The post Turbocharge Your Site: WPPlugins AtoZ Drops Plugin Gold! appeared first on… Continue Reading →
This week I Talk About How Shut Downs Could Equal Opportunity [powerpress]
Local File Inclusion (LFI) occurs when user-controlled input is used to build a path to a file that is then included by the application. In WordPress (and PHP web applications in general), this means values from $_GET, $_POST, $_REQUEST, or… Continue Reading →
A WPProAtoZHost.com Company…. It’s Episode 658 and we have plugins for WebP Conversion with some Charades thrown in, and some WordPress News. It’s all coming up on WordPress Plugins A-Z! The post Rev Up Your Website: WPPluginsAtoZ’s Hottest Plugin Finds!… Continue Reading →
A WPProAtoZHost.com Company…. It’s Episode 657 and we have plugins for Public Previewing while Working on SEO, and some WordPress News. It’s all coming up on WordPress Plugins A-Z! The post Supercharge Your WP Game: WP Plugins A to Z’s… Continue Reading →
Want to wake up to sales every morning? These 5 WordPress subscription plugins help you turn one-time buyers into loyal, paying subscribers. Whether you run a digital store, membership site, or online service, this roundup shows you how to unlock… Continue Reading →
The Wordfence Threat Intelligence Team has discovered a new malware campaign that highlights the hidden risks associated with “nulled plugins”, or premium plugins that have been tampered with by third parties. This campaign is particularly concerning because it doesn’t just… Continue Reading →
