Automattic Releases wp-now: A Local Development Environment Powered by WordPress Playground

Automattic has published a new project called wp-now that creates a local development environment in seconds. The tool is a NodeJS app that is powered by WordPress Playground, an experimental project that uses WebAssembly (WASM) to run WordPress in the browser. wp-now allows developers to quickly spin up a new WordPress site with their chosen theme and then open it in …

WordPress 6.2.2 Restores Shortcode Support in Block Templates, Fixes Security Issue

WordPress 6.2.2 was released early this morning as a rapid follow-up to 6.2.1, which introduced a bug that broke shortcode support in block templates. Version 6.2.1 was also an important security release, but due to the catastrophic breakage for those using shortcodes in block templates, some users were implementing insecure workarounds or simply downgrading to 6.2 to keep critical functionality …

WordPress 6.2.1 Update Breaks Shortcode Support in Block Templates

WordPress 6.2.1 was released yesterday and rolled out to sites with automatic background updates enabled. The update included five important security fixes. Ordinarily, a maintenance and security release can be trusted not to break a website, but many users are struggling after 6.2.1 removed shortcode support from block templates. A support forum thread tracking the broken shortcodes issue shows that …

WordPress 6.2.1 Released with Fixes for 5 Security Vulnerabilities

WordPress 6.2.1 was released today. Those with automatic background updates enabled should see a notice in their email, as updates rolled out earlier today. This is a maintenance and security release that includes important fixes for five security vulnerabilities outlined by core contributor and release co-lead Jb Audras: block themes parsing shortcodes in user generated data; a CSRF issue updating …

ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement

On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 million users. WP Engine patched the vulnerability on May 4, but the Akamai Security Intelligence Group (SIG) is reporting that attackers began attempting to exploit it within 24 hours of Patchstack’s publication. “Once …

Themeum Acquires Kirki Customizer Framework Plugin

Themeum, a WordPress theme and plugin company founded in 2013, has acquired the Kirki Customizer Framework plugin from its former developer, David Vongries. In April 2023, Vongries announced he was sunsetting the product and discontinuing development. He put the plugin up for sale for $30K and sold it for just under the asking price. “I met the Themeum team at WordCamp Europe …

Essential Addons for Elementor Patches Critical Privilege Escalation Vulnerability

Essential Addons for Elementor, a plugin with more than a million active installs, has patched an unauthenticated privilege escalation vulnerability in version 5.7.2. The vulnerability was discovered on May 8, 2023, and reported by Patchstack researcher Rafie Muhammad. It was given a 9.8 (Critical severity) CVSS 3.1 score and is not yet known to have been exploited. Muhammad outlined the vulnerability …