WP Briefing: Episode 29: How to Make a WordPress Blog

In the twenty-ninth episode of the WordPress Briefing, Executive Director Josepha Haden Chomphosy reminds us of our WordPress roots — blogging — and discusses the basics of starting your first blog on WordPress. Have a question you’d like answered? You can submit them to wpbriefing@wordpress.org, either written or as a voice recording. Credits Editor: Dustin HartzlerLogo: Beatriz … Read more

Critical Remote Code Execution Vulnerability in Elementor

On March 29, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for a critical vulnerability in the Elementor plugin that allowed any authenticated user to upload arbitrary PHP code. Elementor is one of the most popular WordPress plugins and is installed on over 5 million websites. We sent our disclosure to the official … Read more

WordPress 6.0 Beta 1

WordPress 6.0 Beta 1 is now available for download and testing. This version of the WordPress software is under development. Please do not install, run, and test this version of WordPress on a production or mission-critical website. Instead, it is recommended that you test Beta 1 on a test server and site.  You can test … Read more

Critical Authentication Bypass Vulnerability Patched in SiteGround Security Plugin

On March 10, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “SiteGround Security”, a WordPress plugin that is installed on over 400,000 sites. This flaw makes it possible for attackers to gain administrative user access on vulnerable sites when two-factor authentication (2FA) is enabled but not … Read more