General

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

by

On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later and sent over our full disclosure on August 23, 2023. A patched version of the … Read more

WP Briefing: Episode 62: Enterprise Clients and the Business of WordPress

by

Join WordPress Executive Director Josepha Haden Chomphosy as she discusses the role WordPress Enterprise plays along with the WordPress community. Have a question you’d like answered? You can submit them to wpbriefing@wordpress.org, either written or as a voice recording. Credits Host: Josepha Haden ChomphosyEditor: Dustin HartzlerLogo: Javier ArceProduction: Brett McSherrySong: Fearless First by Kevin MacLeod Show Notes The 2023 Community Summit in … Read more

Openverse Wins the 2023 OEG Open Infrastructure Award

by

WordPress is excited to announce that Openverse has been awarded the 2023 Open Education Award for Excellence in the Open Infrastructure category! The Open Education Awards for Excellence, organized by the non-profit organization Open Education Global (OEG), celebrate people, resources, and initiatives that have significantly contributed to the open education field and community. This year, … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 4, 2023 to September 10, 2023)

by

Last week, there were 107 vulnerabilities disclosed in 89 WordPress Plugins and 5 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more