Record Bounty Awarded as Critical Privilege Escalation Vulnerability Patched in LiteSpeed Cache Plugin

The LiteSpeed Cache Plugin, widely used to enhance the speed and performance of WordPress websites, recently patched a critical unauthenticated privilege escalation vulnerability (CVE-2024-28000). With over 5 million active installations, this plugin is a critical tool for many WordPress users. John Blackbourn, a member of the Patchstack Alliance community, reported the vulnerability and was awarded $14,400, marking the highest bounty …

Critical Vulnerability Patched in GiveWP Plugin

GiveWP, a popular donation plugin for WordPress, has patched an unauthenticated PHP Object Injection to Remote Code Execution vulnerability that could be exploited to execute arbitrary code remotely and delete files. This plugin from the Liquid Web family of products has 100k+ active installs.  villu164 (Villu Orav) reported the vulnerability through the Wordfence Bug Bounty Program and netted a bounty …

Elementor Pro Pricing Update Slashes Features in the Essential Plan for New Customers

Elementor, the most popular website builder plugin for WordPress with more than 5 million active installations, has announced major changes coming to the features included in its Elementor Pro Essential subscription plan. The plan will still include the Theme Builder along with access to 50+ Pro widgets, basic marketing tools, and the Form widget, but it will shift other more …

Newspack Plugin Update Checker Lets Users Update from GitHub

Adam Schweigert, an independent media and technology consultant, has released a plugin called Newspack Plugin Update Checker that enables self-hosted Newspack users to keep their plugins up-to-date. The Newspack project was launched in 2019 by WordPress.com, with support from the Google News Initiative, the Knight Foundation, and The Lenfest Institute. It provides local news organizations a powerful, yet cost effective …

Add Icons to WordPress’ Core Button Block

Nick Diego, a developer advocate at Automattic and core contributor, is the author of the popular Icon Block plugin that enables users to add custom SVG icons and graphics to the WordPress block editor. He is often asked if the plugin can add icons to the core Button block, but that is outside the scope of what it does. Last …

TaxoPress Adds New AI Integrations for Generating Taxonomy Terms

TaxoPress, a plugin that allows users to create and manage Tags, Categories, and taxonomy terms, has joined a growing number of WordPress products using AI to innovate and enhance user experience. The latest release adds support for OpenAI and IBM Watson to auto-detect the best taxonomy terms for content. “Honestly, I’m amazed how good these services are,” TaxoPress founder Steve Burge said. “For …

Ollie Dash Plugin Now Available for Ollie Block Theme

The Ollie block theme, created by Mike McAlister and Patrick Posner, now has a companion plugin available called Ollie Dash. The theme made headlines earlier this month after a contentious WordPress.org review process led its authors to remove the innovative onboarding features. Ollie was approved for WordPress.org but without the time-saving onboarding features its authors initially hoped to include. Testing …

WordPress Reverts Live Preview Button on Plugins After Developer Backlash

Last week WordPress meta contributors implemented a “Live Preview” button for plugins in the official directory, with the intention of allowing users to safely test any plugin in one click. The button went live across all of WordPress.org’s 59,000+ plugins but took plugin developers by surprise as it was pushed through without any communication or input from stakeholders. The implementation …

Matthaus Klute Acquires Social Link Pages Plugin

WordPress developer Corey Maass has sold his Social Link Pages plugin to Matthaus Klute, an independent WordPress consultant and developer with Alpha Particle. It’s another story of small plugins changing hands, where developers get the opportunity to test ideas and business models. Even the most modest creations have value in a thriving marketplace where business owners are willing to invest …