Concerns over the European Union’s Cyber Resilience Act (CRA)

As the world’s most popular open source content management system, WordPress acknowledges the European Union’s initiative to bolster the cybersecurity of digital hardware and software products with the Cyber Resilience Act (CRA). The Act’s effort to counter the increasing threat of cyberattacks and promote informed usage of digital products with increased security updates and transparency … Read more

WebToffee Addresses Authentication Bypass Vulnerability in Stripe Payment Plugin for WooCommerce WordPress Plugin

On June 8, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in WebToffee’s Stripe Payment Plugin for WooCommerce plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an attacker to gain access to the accounts of users … Read more

WordPress 6.3 RC3

WordPress 6.3 RC3 is ready for download and testing. This version of the WordPress software is under development. Please do not install, run, or test this version on production or mission-critical websites. Instead, you should evaluate RC3 on a test server and site.  The WordPress 6.3 release is scheduled for August 8, 2023—just one week … Read more

People of WordPress: Ihtisham Zahoor

From administrator to web developer thanks to the supportive WordPress community. Through learning from other software users in Pakistan, Ihtisham Zahoor knew that his life would change. He moved cities and careers to make his life through open source. The People of WordPress series shares inspiring stories of how people’s lives can change for the better through … Read more