Yearly Archives: 2022

Block, FSE, Hybrid, Universal? What Do We Call These New WordPress Themes? – WP Tavern

[ad_1]

Ellen Bauer, developer and co-owner of ElmaStudio, posed the question on Twitter last week that many have been asking. What do we call these new types of WordPress themes made from blocks? She was not the first to ask. The question also came up via the Post Status Slack chat earlier this week.

The short answer is that these new themes are “block themes.”

The WordPress Themes Team decided to use this terminology in December 2021. The consensus during their meeting was to clarify the difference between block and classic themes.

The terminology has also grown organically as…

[ad_2]
More Info

PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE – Threatpost

[ad_1]

wordpress plugin

The plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said.

Tens of thousands of WordPress sites are at risk from critical vulnerabilities in a widely used plug-in that facilitates the use of PHP code on a site.

One of the bugs allows any authenticated user of any level – even subscribers and customers – to execute code that can completely take…

[ad_2]
More Info

Critical Code Execution Flaws Patched in ‘PHP Everywhere’ WordPress Plugin

[ad_1]

Thousands of WordPress websites were impacted by three remote code execution vulnerabilities that were identified in the PHP Everywhere plugin, the Wordfence team at WordPress security company Defiant warns.

With more than 30,000 downloads, the PHP Everywhere plugin is an open-source plugin designed to enable PHP code everywhere in the WordPress installation.

The latest PHP Everywhere iteration was released last month with patches for three critical vulnerabilities (CVSS score of 9.9) that could allow users with low privileges to execute code on the WordPress sites that use the plugin.

More Info

Critical RCE Flaws in ‘PHP Everywhere’ Plugin Affect Thousands of WordPress Sites

[ad_1]

WordPress

Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that’s used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems.

PHP Everywhere is used to flip the switch on PHP code across WordPress installations, enabling users to insert and execute PHP-based code in the content management system’s Pages, Posts, and Sidebar.

Automatic GitHub Backups

The three issues, all rated 9.9 out of a maximum of 10 on the CVSS rating system, impact versions 2.0.3 and below, and are as follows –

  • CVE-2022-24663 – Remote…
[ad_2]
More Info

Top 10 Security Tips to Keep Your WordPress Site Healthy

[ad_1]

As we go through the winter months and whether changes, many of us go to our local pharmacy and take advantage of a flu shot. We do this because maybe we have had the flu before and the second of pain from the jab is nothing in comparison to the hours and days of sickness from catching the flu bug. 

As everyone’s grandparents tell them, “An ounce of prevention is worth a pound of cure.” Keeping strong cyber security hygiene to prevent hacks saves you from expensive remediation costs, compromised data and a weakened WordPress immune system. Did you know that breached sites are more…

[ad_2]
More Info

PHP Everywhere RCE flaws threaten thousands of WordPress sites

[ad_1]

WordPress logo

Researchers found three critical remote code execution (RCE) vulnerabilities in the ‘PHP Everywhere’ plugin for WordPress, used by over 30,000 websites worldwide.

PHP Everywhere is a plugin that allows WordPress admins to insert PHP code in pages, posts, the sidebar, or any Gutenberg block, and use it to display dynamic content based on evaluated PHP expressions.

Three RCE flaws

The three vulnerabilities were discovered by security analysts at Wordfence and can be exploited by contributors or subscribers, affecting all WordPress versions from 2.0.3 and below.

Here’s a short description…

[ad_2]
More Info

The ultimate guide to the WordPress database

[ad_1]

At its core, WordPress is a CMS (Content Management System). To manage content, it needs to be able to store it. WordPress does this through folders and files, and a database. We have previously covered the WordPress filesystem in a separate article; we will focus on the database this time around.

In this article, we will be looking at the WordPress database, its structure, and how each field works. We have also included a brief history lesson on MySQL. Hint – The My in MySQL does not mean it’s yours; My is an actual person, but who? – Continue reading to find out.

Table of…

[ad_2]
More Info

Convesio looks to develop its scalable WordPress hosting platform after securing $5m – Business Leader

[ad_1]

Scaleable WordPress hosting platform Convesio has secured $5m in funding, which the company plans to use to accelerate development of its unique container-based solution and continue to disrupt a market that is slow to innovate.

Convesio is the only WordPress hosting provider to have productized scaling. Anyone can deploy a highly-scalable WordPress website in minutes, and not hours or days, which is the typical timeframe of a traditional VPS setup.

The round of funding was secured from a select group of private investors, some of whom had originally contributed to Convesio’s…

[ad_2]
More Info

Aprimo Launches New Digital Experience Platform Powered by WordPress VIP

[ad_1]

CHICAGO, Feb. 8, 2022 /PRNewswire/ — Aprimo, an industry-leading provider of digital asset management and work management solutions, today announced a brand refresh that includes an all-new digital experience platform (DXP). The platform integrates the company’s content operations platform with a best-in-class content management system and content analytics, bringing bolder brand experiences to market and the intelligence to marketers to better understand content performance and value.

The new aprimo.com is an innovative, unified marketing technology stack developed by Aprimo and…

[ad_2]
More Info

Creating Slides With the Carousel Slider Block WordPress Plugin – WP Tavern

[ad_1]

Over the weekend, Virgiliu Diaconu asked me to check out his Carousel Slider Block plugin, a project he has maintained for three years. It has slowly garnered more than 5,000 active installs since its release.

I get emails like this every day. More often than not, the projects are fundamentally broken or are a bit too spammy for my taste. Like so many others, I ask myself, Could this be one of those diamonds in the rough? I am always optimistic enough to hold out the tiniest sliver of hope.

I should preface this review by saying that I have a general dislike of sliders and…

[ad_2]
More Info