The Jetpack Scan team has published a summary of two issues recently discovered in the WP Fastest Cache plugin – an Authenticated SQL Injection vulnerability and a Stored XSS Via CSRF vulnerability. “If exploited, the SQL Injection bug could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords),” Automattic security research engineer Marc Montpas …
WordPress Global Community Sponsorship Program Will Not Include WordCamps for 2022
The proposal for the 2022 Global Community Sponsorship program will not include funding for WordCamps again this year, due to the unpredictability of hosting in-person events. The pandemic continues to make conditions unfavorable in many areas of the world where WordCamp and meetup organizers have opted to continue with virtual events. In the past, the Global Community Sponsorship program has …
WordPress.org Profiles Now Show Activity for Contributions Made on GitHub
WordPress.org profiles got an update over the weekend that will make them a better reflection of contributors’ efforts on GitHub. Users can now authorize GitHub to detect their activity on the WordPress GitHub organization and display it on their profiles. “Currently we’re tracking New Issues submitted (by you), Closed Issues (by you), Pull requests submitted (by you), Pull requests merged …
WPCloudDeploy Brings Site and Server Management to the WordPress Admin
WPCloudDeploy recently launched version 4.10.5 of its rapidly-maturing WordPress plugin of the same name. The project is a WordPress-native replacement for SaaS services like Cloudways, Ploi, SpinupWP, and others. Customers still need to hook up to a cloud server provider, such as Digital Ocean, Linode, AWS, or elsewhere. However, the project seeks to cut out the middleman for developers and …
Contextually Display Content With the Block Injector Plugin
Jamie Marsland, the founder of Pootlepress, reached out a few weeks ago, asking for feedback on a beta version of Block Injector. It was a commercial plugin his team at Pootlepress was gearing up to launch. Earlier this week, they released an updated version that he said he was happy with as an initial release. For a first outing, it …
The HeroPress Network Launches as a Multi-Project Portal
Husband-and-wife duo Topher and Cate DeRosia announced the launch of the The HeroPress Network earlier today. It is a collection of content from various sites they are working on in a centralized location. “Its overarching goal is to be a hub,” said Cate DeRosia. “It will display the newest items from around the HeroPress Network, as well as news from …
GiveWP Launches Peer-to-Peer Fundraising Add-On
The GiveWP team announced an extension of its flagship donation plugin for allowing peer-to-peer (P2P) fundraising in late September. The solution should make the project even more appealing than before for those looking to break from third-party donation services and go the self-hosted route. The first version rolls out individual and team fundraising pages, leaderboards, campaign sponsor support, and more. …
Facebook Outage Rekindles Push for a Free and Open Web
Facebook, Workplace, Instagram, and WhatsApp went down today for roughly six hours due to a Border Gateway Protocol (BGP) configuration error. Cloudflare describes BGP as “the postal service of the Internet.” It is responsible for routing Facebook’s traffic and making all of its domains accessible to visitors. To be more precise (and Geek Factor 5) the BGP routes serving Facebook's …
Logtivity: A WordPress Activity Log Service With Customizable Charts, Alerts, and CSV Exports
Launched by Ralph Morris and Steve Burge in June this year, Logtivity is a plugin and service that allows site owners to track everything that happens on their WordPress installs. The duo has made continual updates to the plugin since. In the past couple of months, they have added deep integration with Easy Digital Downloads. They are also planning to …
Gutenberg 11.6 Improves the Global Styles UI, Adds Child Theme Support
Gutenberg 11.6 landed yesterday. Contributors added dozens of enhancements and bug fixes. Admittedly, there was not a whole lot that excited me as a user about this release. Typography options for the Post Title block. Nice. Cropping for the Site Logo. A necessary addition. Toolbar button for converting old Gallery blocks to the new — still experimental — format. Sweet. …