Sign in Subscribe

WordPress

Stay informed with the latest WordPress news, including updates on security, vulnerabilities, and new releases. Explore in-depth tutorials on WordPress SEO, and find guides to the best plugins, themes, and more.
13
Mar
Formidable Forms Vulnerability Let Attackers Reuse Low-Value Stripe Payments for Higher-Cost Purchases

Formidable Forms Vulnerability Let Attackers Reuse Low-Value Stripe Payments for Higher-Cost Purchases

A Formidable Forms vulnerability affecting WordPress sites could let attackers reuse low-value Stripe payments to complete more expensive purchases without paying the full amount.
3 min read
12
Mar
WordPress Releases 6.9.4 After Incomplete Security Fixes in Versions 6.9.2 and 6.9.3

WordPress Releases 6.9.4 After Incomplete Security Fixes in Versions 6.9.2 and 6.9.3

WordPress released version 6.9.4 after discovering that earlier updates failed to fully apply fixes for ten security vulnerabilities affecting versions up to 6.9.1.
4 min read
05
Mar
WordPress Introduces Plugins for Integrating OpenAI, Google Gemini, and Anthropic Claude

WordPress Introduces Plugins for Integrating OpenAI, Google Gemini, and Anthropic Claude

WordPress has released plugins that integrate OpenAI, Google Gemini, and Anthropic Claude using the PHP AI Client SDK. The plugins allow developers to add AI capabilities such as text generation, image generation, and function calling to WordPress applications.
3 min read
28
Feb
Joost de Valk Steps Back From Linux Foundation FAIR Repository Initiative

Joost de Valk Steps Back From Linux Foundation FAIR Repository Initiative

Joost de Valk has stepped away from the Linux Foundation’s FAIR repository project, citing limited financial support. The initiative seeks to decentralize software distribution and improve supply chain security.
3 min read
04
Feb
Better WP Search v1.1: A Small Plugin Refresh That Makes WordPress Search Feel Better

Better WP Search v1.1: A Small Plugin Refresh That Makes WordPress Search Feel Better

Better WP Search v1.1 modernizes a lightweight WordPress plugin that improves default search UX by redirecting single-result searches and replacing messy /?s=query URLs with clean /search/query links.
2 min read
12
Jan
WordPress Social Media Post Sparks Backlash Over FAIR Project Criticism

WordPress Social Media Post Sparks Backlash Over FAIR Project Criticism

An official WordPress.org social media post mocking the FAIR project sparked backlash from developers, raising concerns about professionalism, governance, and the future of decentralized plugin distribution in the WordPress ecosystem.
3 min read
31
Dec
Vulnerability Discovered in Redirection for Contact Form 7 WordPress Plugin

Vulnerability Discovered in Redirection for Contact Form 7 WordPress Plugin

A vulnerability in the Redirection for Contact Form 7 WordPress plugin allows unauthenticated attackers to upload or copy files under certain server configurations. Users are advised to update to version 3.2.8 or later.
1 min read
24
Nov
Critical W3 Total Cache Vulnerability Exposes Over One Million WordPress Sites to Remote Code Execution

Critical W3 Total Cache Vulnerability Exposes Over One Million WordPress Sites to Remote Code Execution

A critical vulnerability in the W3 Total Cache WordPress plugin allows unauthenticated PHP command injection, leaving hundreds of thousands of sites exposed. Learn how CVE-2025-9501 works, its risks, and the urgent steps administrators should take to secure their sites.
2 min read
10
Nov
Automattic demands rebrand of CSS framework over name similarity

Automattic demands rebrand of CSS framework over name similarity

Automattic, the company behind WordPress.com, has issued a trademark complaint to developer Kevin Geary over his CSS framework, Automatic.css, citing potential brand confusion. The dispute highlights ongoing tensions between open-source freedom and brand protection in the WordPress ecosystem.
3 min read
16
Oct
WPBakery Plugin Vulnerability Could Let Insiders Slip in Malicious Code

WPBakery Plugin Vulnerability Could Let Insiders Slip in Malicious Code

A newly disclosed vulnerability in the WPBakery Page Builder plugin allows authenticated users to inject malicious code into WordPress sites. Learn what’s affected, why it matters, and how to secure your site from this stored XSS flaw.
2 min read