Page 4 of 20
In this report, 108 vulnerabilities have been publicly disclosed. Security patches for 77 of these plugins and themes are now available. Please run these updates as soon as possible. If you’re a Solid Security Pro user, the version management tool… Continue Reading →
100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in AI Engine WordPress Plugin
On October 4th, 2025, we received a submission for a Sensitive Information Exposure vulnerability in AI Engine, a WordPress plugin with more than 100,000 active installations. This vulnerability can be exploited by unauthenticated attackers to extract the bearer token and… Continue Reading →
Layout Packs provide a fast head start, but they rarely align with your brand out of the box. Swapping colors, fonts, and images across dozens of modules means you’re suddenly an hour deep into work you thought would take ten… Continue Reading →
WordPress 6.9 Beta 3 is available for download and testing! This beta version of the WordPress software is still under development. Please don’t install, run, or test this version of WordPress on production or mission-critical websites. Instead, you can evaluate… Continue Reading →
Migrating servers is a complex process that involves many moving parts. One of the most challenging aspects of server migration is dealing with DNS propagation. When you update your DNS records to point to a new server, it can take… Continue Reading →
In previous posts on this blog, we have explored WordPress block development from various angles. We have examined the development of both static and dynamic blocks and extended the functionality of core blocks. However, the approach we have taken so… Continue Reading →
The Themes team is seeking representatives for the year 2026. It’s time to submit your nominations! Please leave a comment in the section below to nominate a team member. Based on the nominations, two or three representatives will be selected… Continue Reading →
On Thursday, October 30, 2025, 15:00 UTC, a team meeting started in #accessibility facilitated by @krupajnanda. You can read the full transcript or see the meeting agenda. WordPress 6.9 Release Party Schedule Help Test WordPress 6.9 WordPress 6.9 Beta 2 WP A11y Docs update October 2025 Updates… Continue Reading →
On October 11th, 2025, we received a submission for an Account Takeover via Email Log Disclosure vulnerability in Post SMTP, a WordPress plugin with more than 400,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to view… Continue Reading →
Divi 5‘s modern design tools make it easy to build clean, conversion-focused pricing layouts. In this free pack, you’ll find 11 Pricing Menus — each available in a Styled version for a polished look out of the box and an… Continue Reading →
Kinsta evolves with customer needs, business realities and challenges of the modern web LOS ANGELES — November 3, 2025 — Kinsta, a leading managed hosting provider for WordPress, is announcing new bandwidth-based hosting plans alongside its existing visitor-based plans. The… Continue Reading →
Divi 5 continues to add features that make it easier to design right inside the builder. The Group Carousel Module is one of them. It lets you build swipeable carousels that slide smoothly into your layouts. You can use it… Continue Reading →
If you’ve spent any amount of time building websites with WordPress and/or WooCommerce, you know that it can be time-consuming to display your content the way you actually want. With the combination of Divi 5‘s Loop Builder and Theme Builder,… Continue Reading →
What are the best social media scheduling tools on the market? We wanted to find out, so we tested out all of the leading social media schedulers to see what…
We are happy to announce that Kinsta is attending Web Summit from November 10-13 at the MEO Arena in Lisbon. As one of Europe’s largest tech events, Web Summit brings together global tech leaders and new voices to connect and… Continue Reading →
Popups get a bad reputation, but that’s only because most websites misuse them. When you build them with purpose and timing in mind, they turn casual browsers into subscribers and window shoppers into buyers. We’ll show you five ways to… Continue Reading →
I’m so happy to see this land and excited to see its progress! Great work.
Responsive grids shouldn’t require dozens of media queries and custom CSS overrides. But until recently, that’s exactly what most page builders demanded. Divi 5’s CSS Grid framework changes that, providing you with layouts that adapt fluidly across screen sizes without… Continue Reading →
Black Friday is one of the busiest shopping weekends of the year for WooCommerce stores. It’s also one of the most stressful. A sudden wave of shoppers can push your site to its limits, causing slow load times, errors at… Continue Reading →
This is the proposed agenda for the bi-weekly Accessibility Team meeting on Thursday, October 30, 2025, 15:00 UTC WordPress 6.9 Release Party Schedule Help Test WordPress 6.9 WordPress 6.9 Beta 2 WP A11y Docs update October 2025 Updates from the working group… Continue Reading →
In reply to Amber Hinds. It’s not bad, not at all, but a system like the one you propose could penalize a company or developer that has been delivering code without problems for years but that, in the latest update,… Continue Reading →
That’s a great move! When the PCP Checker was released, it helped us a lot in identifying and fixing issues across all the plugins we develop for WordPress and WooCommerce. We’d love to see even stricter security checks built into… Continue Reading →
On September 25th, 2025, we received a submission for a Privilege Escalation vulnerability in WP Freeio, a WordPress plugin bundled in the Freeio premium theme with more than 1,700 sales. This vulnerability makes it possible for an unauthenticated attacker to… Continue Reading →
I’d be interested in seeing public badges or data on plugin pages at some point that make this more transparent for users when comparing plugins. Even if it’s just flagging in the positive – something like X past releases with… Continue Reading →
As an important part of the internet, the WordPress community, actively thinks about the security of the ecosystem. Community members, developers, specialized companies, and independent researchers all play a role in maintaining the security of the environment. In the Plugins… Continue Reading →
Grid recently became an integrated part of Divi 5, bringing a different approach to building layouts. Grid gives you control over both horizontal and vertical placement simultaneously. That flexibility comes with a trade-off: there are way more settings to understand…. Continue Reading →
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin. This malware exhibits advanced features including custom encryption methods, fake images used to conceal malicious payloads, a robust persistence… Continue Reading →
In this report, 118 vulnerabilities have been publicly disclosed. Security patches for 66 of these plugins and themes are now available. Please run these updates as soon as possible. If you’re a Solid Security Pro user, the version management tool… Continue Reading →
Want to turn your audience into your biggest marketing asset? User-generated content, or UGC, makes it possible. When used well, it builds trust, grows your community, and fills your content…
