WordPress’ Plugin Review team is wading through a backlog that was over 900 plugins awaiting approval earlier this week. The current count has 870 plugins sitting in the review queue, with an average wait time of 61 days before initial review. WordPress developer Marcus Burnette drew attention to the matter on Twitter after submitting a plugin he created to display …
ConvertKit Updates WordPress Plugin, Adds Members Only Content, Newsletter Feed, and Product Embeds
ConvertKit has updated its official WordPress plugin and WooCommerce add-on to support a range of new features. More than 40,000 sites use ConvertKit’s plugin to integrate their newsletters, email campaigns, and digital products with WordPress. The service is free for the user’s first 1,000 subscribers but offers more automated features and third party integration on its paid tiers. The latest …
MalCare, Blogvault, and WPRemote Plugins Patch Vulnerabilities Allowing Site Takeover Through Stolen API Credentials
Snicco, a WordPress security services provider, has published an advisory on a vulnerability in the MalCare plugin, which is active on more than 300,000 sites. “MalCare uses broken cryptography to authenticate API requests from its remote servers to connected WordPress sites,” WordPress security researcher Calvin Alkan said. “Requests are authenticated by comparing a shared secret stored as plaintext in the WordPress …
WordPress Plugin Review Team Adds 6 New Sponsored Volunteers, Opens Applications
A new era has begun for WordPress.org’s Plugin Review Team. Mika Epstein, who has served for the past decade, is stepping down, but not before launching a new crew of volunteers. The team is responsible for approving newly submitted plugins, maintaining the Plugin Reviewer Handbook, as well as investigating any reported security issues and guideline violations. Historically, the Plugin Review …
Cloud Broken Link Checker Repairs Broken Links Faster and Supercharges Your SEO
WPMU DEV’s free all-new and improved Broken Link Checker plugin saves you the time and tedious hassle of handling crucial link management tasks across all your WordPress sites. “I have been looking to find an easier way to check for broken links. Thank you for making this tool so accessible.” (Dena, WPMU DEV Member) Broken links are a negative indicator of …
Really Simple SSL Plugin Adds Free Vulnerability Detection
Really Simple SSL, a popular plugin used on more than five million sites for installing SSL certificates, handling website migrations, mixed content, redirects, and security headers, has added a new feature in its most recent major update. Version 7.0.0 introduces vulnerability detection as part of a partnership with WP Vulnerability, an open source, free API created by Javier Casares with …
WordPress.org Enables Commercial and Community Filters on Plugin and Theme Directories
During the 2022 State of the Word, Matt Mullenweg announced a plan to add new “Community” and “Commercial” taxonomies for the theme and plugin directories that would help users more quickly ascertain the purpose of the extensions they are considering. Shortly after the announcement, instructions were published for theme and plugin authors to opt into the new taxonomies. The new …
MariaDB Health Checks Plugin Now Available on WordPress.org
A new MariaDB Health Checks plugin is now available on WordPress.org, thanks to the efforts of contributors involved in the 2023 CloudFest Hackathon, which took place in Germany. MariaDB is a popular open source database used by those looking to further scale their websites, as it is generally faster than MySQL with better support for a concurrent number of connections. …
ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement
On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 million users. WP Engine patched the vulnerability on May 4, but the Akamai Security Intelligence Group (SIG) is reporting that attackers began attempting to exploit it within 24 hours of Patchstack’s publication. “Once …
Essential Addons for Elementor Patches Critical Privilege Escalation Vulnerability
Essential Addons for Elementor, a plugin with more than a million active installs, has patched an unauthenticated privilege escalation vulnerability in version 5.7.2. The vulnerability was discovered on May 8, 2023, and reported by Patchstack researcher Rafie Muhammad. It was given a 9.8 (Critical severity) CVSS 3.1 score and is not yet known to have been exploited. Muhammad outlined the vulnerability …