10 Things to Consider When Building a WordPress Blog

The advent of WordPress has revolutionized the way people build websites. Whether you’re an amateur blogger or a business owner, you can build awesome looking and high-performing websites using WordPress. It lets you create stunning websites and blogs in just a few clicks.

Even if you’re a novice, it won’t take you too long to get a hang of the platform. The best part is that you get access to a treasure trove of plugins to add useful features and improve your website’s functionality.

You can also choose from a diverse array of eye-catching themes to make your website visually…


More Info

Loginizer WordPress Vulnerability Affects +1 Million Sites

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit.

This kind of exploit, also known as a Blind SQL Injection, relies on entering data into an input in order to trigger an error response. In this case the input is a username.

The Loginizer WordPress plugin didn’t have a way to sanitize the input, which means it didn’t have a way to compensate for an erroneous input. This caused the plugin to create an error situation.

According to the WPScan description of the Loginizer…


More Info

First FSE WordPress Theme Now Live – WordPress Tavern

Q WordPress theme screenshot.

Themes Team representative Ari Stathopoulos is now officially the first theme author to have a theme in the directory that supports full-site editing (FSE). With a slimmed-down beta release of FSE shipping in WordPress 5.6 this December, someone had to be the first to take the plunge. It made sense for someone intimately familiar with theme development and the directory guidelines to step up.

In many ways, it is a huge responsibility that Stathopoulos has taken on. Until one of the default Twenty* themes handles FSE, the Q theme will likely be one of…


More Info

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.

The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites.

The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username. Vulnerable versions of Loginizer did not properly validate and sanitise the username to prevent SQL injection and Cross-Site Scripting (XSS)…


More Info

WordPress sites receive update to security plugin after vulnerability discovered

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.

The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites.

The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username. Vulnerable versions of Loginizer did not properly validate and sanitise the username to prevent SQL injection and Cross-Site Scripting (XSS)…


More Info

MakeStories 2.0 Launches Editor for WordPress, Rivaling Google’s Official Web Stories Plugin – WordPress Tavern

Recipe slide from the MakeStories WordPress plugin.

Earlier today, MakeStories launched version 2.0 of its plugin for creating Web Stories with WordPress. In many ways, this is a new plugin launch. The previous version simply allowed users to connect their WordPress installs to the MakeStories site. With the new version, users can build and edit their stories directly from the WordPress admin.

Version 2.0 of the plugin still requires an account and a connection with the MakeStories.io website. However, it is simple to set up. Users can log in without leaving their WordPress admin…


More Info

GoDaddy’s partner business president on building a lucrative career designing and developing WordPress sites

As I mentioned last month, GoDaddy has been making a series of strategic investments into properties that are quite useful to WordPress administrators and developers. Between hosting and these investments, GoDaddy has a unique insight into the always-evolving WordPress business.

GoDaddy’s Patrick Pulvermüller

I had the opportunity to (virtually) sit down with Patrick Pulvermüller, president of the Partners Business at GoDaddy, to explore GoDaddy, GoDaddy’s involvement with WordPress, and how WordPress professionals can succeed in our…


More Info

You Definitely Need These WordPress Plugins If you Want your Business Websites to Flourish

There are close to 57,000 WordPress Plugins from which one can choose several for their business websites. But this might make it a bit too complicated for newcomers to select a WordPress Plugin that will help their business websites in flourishing throughout. Needless to say, there have been several questions from users regarding WordPress plugins that serve several purposes like social media, SEO, speed, backups, etc. 

These are the few must-have WordPress Plugins that one absolutely needs to use for their business websites.

WP Forms is a WordPress Plugin

– Advertisement…


More Info

WordPress deploys forced security update for dangerous bug in popular plugin

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin.

WordPress sites running the Loginizer plugin were forcibly updated this week to Loginizer version 1.6.4.

This version contained a security fix for a dangerous SQL injection bug that could have allowed hackers to take over WordPress sites running older versions of the Loginizer plugin.

Loginizer is one of today’s most popular WordPress plugins, with an…


More Info

WordPress Gutenberg 9.2 – Dozens of Improvements

WordPress Gutenberg 9.2 is here and it comes with a security fix and many improvements, bringing Gutenberg closer to being a fully developed way of creating web pages.

Security Fix

This security fix addresses a particularly nasty form of attack called a Regular Expression Denial of Service (ReDoS) attack. A ReDos attack causes a server to overload CPU usage, bringing the server to a halt.

Image Alt Text Fallback

The next notable change is to add an alt text fallback for when no alt text is specified. Gutenberg will use the caption as the alt text.

It’s arguably not an ideal solution because…


More Info