Building Featured Boxes With the WordPress Block Editor – WordPress Tavern

It is a new day with another chase for that elusive block plugin that will bring a little joy into my life. Today’s experiment comes courtesy of the Feature Box plugin by Sumaiya Siddika. It is a simple block that allows end-users to upload an image and add some content to an offset box.

The plugin’s output is a typical pattern on the web. As usual, I am excited to see plugin authors experimenting with bringing these features to WordPress users. I want to see more of it, especially from first-time plugin contributors.

I was able to quickly get the block up and running, adding…

More Info

WordPress force installs Jetpack security update on 5 million sites

Automattic, the company behind the WordPress content management system, force deploys a security update on over five million websites running the Jetpack WordPress plug-in.

Jetpack is a remarkably popular WordPress plug-in that provides free security, performance, and website management features, including brute-force attack protection, site backups, secure logins, and malware scanning.

The plugin has more than 5 million active installations, and it is developed and maintained by Automattic, the company behind WordPress.

Jetpack tweet

No in the wild exploitation

The vulnerability was found in…

More Info

A critical vulnerability in a WordPress plugin under active attack, risking over 17,000 websites

A zero-day vulnerability allows attackers to upload malicious files on e-commerce websites, eventually taking over their databases for customer information.

(Image for representation: Reuters)


  • A new security risk has been discovered by the Threat Intelligence team at Wordfence.
  • The vulnerability affects a WordPress plugin that allows the upload of images and PDF files for products.
  • A threat report states that it is under active attack since January 30, 2021.

A new vulnerability has been found in a WordPress plugin that affects over 17,000 websites. The vulnerability is actively being…

More Info

Weekly threat roundup: Froala, WordPress, Siemens

Patch management is far easier said than done, and security teams may often be forced into prioritising fixes for several business-critical systems, all released at once. It’s become typical, for example, to expect dozens of patches to be released on Microsoft’s Patch Tuesday, with other vendors also routinely getting in on the act.

Below, IT Pro has collated the most pressing disclosures from the last seven days, including details such as a summary of the exploit mechanism, and whether the vulnerability is being exploited in the wild. This is in order to give teams a sense of which bugs…

More Info

Custom User Avatar Plugins for WordPress – WordPress Tavern

You know what one of the great things about open source is? Others can use a project’s code, share it wholesale, modify it, and/or distribute their changes. These are the pillars upon which WordPress stands. It is a beautiful thing to watch in practice.

Most often, it means we can build off the shoulders of those giants who came before us, continually improving the software for ourselves and others. It is how WordPress got its start nearly two decades ago as a fork of the b2/cafelog blogging system.

Sometimes, it just means having the freedom to give your friend a copy of…

More Info

Fast and easy tips to choosing the best theme for your WordPress site