Missing Authorization Vulnerability in Blog2Social Plugin

On October 5, 2022, the Wordfence Threat Intelligence team responsibly disclosed a Missing Authorization vulnerability in Blog2Social, a WordPress plugin installed on over 70,000 sites that allows users to set up post sharing to various social networks. Vulnerable versions of the plugin make it possible for authenticated attackers with minimal permissions, such as subscribers, to … Read more

Introducing Twenty Twenty-Three

This post was written in collaboration with Lauren Stein (@laurlittle) and Anne McCarthy @annezazu). Twenty Twenty-Three is here, alongside WordPress 6.1! The new default theme offers a clean, blank canvas bundled with a collection of style variations. Style variations are predefined design options that give you the opportunity to alter the appearance of your site … Read more

WordPress 6.1 “Misha”

Welcome to “Misha” Say hello to WordPress 6.1, “Misha,” inspired by the life and work of Soviet-Norwegian jazz pianist Mikhail “Misha” Alperin. Misha introduced the work of jazz ensembles in the USSR and globally. He is also celebrated as a founding member of the Moscow Art Trio. “Misha” further refines the site-building experience. Inside WordPress … Read more