Important Features Your WordPress Hosting Setup Must Have

With the whole world jumping into the digital era, WordPress has somewhat become essential for nearly every business or content creator. The need for digital content, advertisement, and marketing has left its traditional counterparts far behind in the race. And, WordPress is one of the key driving forces for the same. At its core, it is a democratized means of building one’s website. 

How ‘democratized’?

Democratizing publishing is the main aim of WordPress. WordPress is an ‘open-sourced’ content management system allowing anyone to operate or modify the…

More Info

Kick off Block-Based WordPress Theme Development With the Theme.json Creator – WordPress Tavern

Gutenberg 9.1 made a backward-incompatible change to its theme.json file (experimental-theme.json while full-site editing is under the experimental flag). This is the configuration file that theme developers will need to create as part of their block-based themes. Staying up to date with such changes can be a challenge for theme authors, but Ari Stathopoulos, a Themes Team representative, wrote a full guide for developers.

Jon Quach, a Principal Designer at Automattic, has also been busy creating a tool to help theme authors transition to block-based themes. He recently built a…

More Info

WP Bakery WordPress Vulnerability Affects Millions of Sites

Researchers discovered a vulnerability in WP Bakery page builder that allows an attacker to inject malicious JavaScript into pages and posts. The vulnerability allows an attacker to inject code into pages and posts that then attacks site visitor browsers.

Authenticated Stored Cross-Site Scripting (XSS) Vulnerability

Cross-site scripting vulnerabilities are characterized by an attacker gaining the ability to target the browsers of visitors through the use of malicious scripts that were surreptitiously placed on a website.

XSS attacks are among the most prevalent type of vulnerabilities.


More Info

WordPress 5.6 Due December 2020 is Scaled Back

WordPress had intended to include the menu navigation screen in Gutenberg 9.1 and WordPress 5.6. Development fell behind and it was decided to remove it from WordPress 5.6 and focus on the Gutenberg widgets screen functionality instead.

Gutenberg Navigation Screen

Gutenberg is a WordPress project whose goal is to modernize the process of building websites. Gutenberg uses a drag and drop interface.

The Gutenberg part of WordPress however is still under development, it’s an ongoing project. The different parts of building a website are rolled out one at a time as they are finished.

More Info

Exploring Full-Site Editing With the Q WordPress Theme – WordPress Tavern

I have been eagerly awaiting the moment when I could install a theme and truly test Gutenberg’s full-site editing feature. By and large, each time I have tested it over the past few months, the experience has felt utterly broken. This is why I have remained skeptical of seeing the feature land in WordPress 5.6 this December.

The Q theme by Ari Stathopoulos is the first theme that seems to be a decent working example. Whether that is a stroke of luck with timing or that this particular theme is simply built correctly is hard to tell — Stathopoulos is a team rep for the Themes…

More Info

Post Grid WordPress Plugin Flaws Allow Site Takeovers – Threatpost

Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs.

Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, opens the door to site takeovers, according to researchers. To boot, nearly identical bugs are also found in Post Grid’s sister plug-in, Team Showcase, which has 6,000 installations.

The issues are a cross-site scripting (XSS) flaw as well as a PHP object-injection issue. Both bugs are pending CVE…

More Info

Here’s how to install it

Cloudflare announced a new site speed optimization service called Automatic Platform Optimization. The service launched with support for WordPress, but it requires several steps to enable it for self-hosted sites.

To help sites perform better with Google’s Core Web Vitals, Cloudflare debuted a new feature called Automatic Platform Optimization (APO). Cloudflare claims that using the APO on WordPress – the only platform that is currently supported – results in “a 72% reduction in Time to First Byte (TTFB), 23% reduction to First Contentful Paint, and 13% reduction in Speed…

More Info

Cloudflare Partners with WordPress – Free to $5/month

Cloudflare announced a new service that dramatically speeds up any WordPress website with improvements of up to 72% in Time to First Byte. Cloudflare is partnering with hosting to provide the new service for free. Anyone not hosted there can claim sign up for as little as $5 per month. Sites on modest shared hosts can experience dramatic improvements in speed.

The service is called, Automatic Platform Optimization (APO). Sites using APO have improved Time to First Byte (TTFB) by 72% and Largest Contentful Paint by 23%.

Shared Hosting Bottlenecks Solved

Shared hosting has…

More Info

Jetpack 9.0 to Introduce New Feature for Publishing WordPress Posts to Twitter as Threads – WordPress Tavern

Jetpack 9.0, coming on October 6, will debut a new feature that allows users to share blog posts as Twitter threads in multiples tweets. A recent version of Jetpack introduced the ability to import and unroll tweetstorms for publishing inside a post. The 9.0 release will run it back the other way so the content originates in WordPress, yet still reaps all the same benefits of circulation on Twitter as a thread.

The new Twitter threads feature is being added as part of Jetpack’s Publicize module under the Twitter settings. After linking up a Twitter account, the Jetpack sidebar…

More Info