People of WordPress: Hauwa Abashiya

This month we feature Hauwa Abashiya, a project manager in Nigeria and the UK, whose passion for community support led her to an adventure in open source. The People of WordPress series features inspiring stories of how people’s lives can change for the better through WordPress and its global community of contributors. As we travel through life, … Read more

The WordPress Ecosystem is Becoming More Secure with Responsible Disclosure Becoming More Common

The Wordfence 2022 State of WordPress Security Report was released on January 24th, 2023. One area that we reviewed in this report were the vulnerabilities disclosed in 2022. Keeping in mind that some vulnerabilities affected multiple plugins, themes, and WordPress core, a total of 2,370 vulnerabilities were reported in 2022. The top five vulnerability categories … Read more

All In One SEO Pack Vulnerabilities Impacting 3 Million Sites Patched

On January 26, 2023, the Wordfence Team responsibly disclosed two vulnerabilities in All In One SEO Pack, a WordPress plugin installed on over 3 Million sites which provides search engine optimization tools designed to help content creators optimize their sites and reach more users. Both reported issues were Stored Cross-Site Scripting vulnerabilities with one of … Read more

WP Briefing: Episode 50: 3 Interesting Trends from WordCamp Asia

On Episode fifty of the WordPress Briefing podcast, join WordPress Executive Director Josepha Haden Chomphosy as she explores the three big trends from the inaugural WordCamp Asia. Have a question you’d like answered? You can submit them to wpbriefing@wordpress.org, either written or as a voice recording. Credits Editor: Dustin HartzlerLogo: Javier ArceProduction: Santana InnissSong: Fearless First by Kevin … Read more

Wordfence Intelligence CE Weekly Vulnerability Report (Feb 13, 2023 to Feb 19, 2023)

Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and … Read more