WordPress security: CookieYes GDPR plugin patches XSS bug following large-scale PHP audit

Researchers claim five plugins use function insecurely – but some maintainers disagree

UPDATED A hugely popular GDPR compliance plugin for WordPress contained an authenticated, persistent cross-site scripting (XSS) vulnerability related to the insecure use of PHP’s function, according to security researchers.

As a result, the CookieYes GDPR Cookie Consent & Compliance Notice plugin, which has more than one million active installations, no longer uses the function in the shortcodes module, as per a software update released today (September…

More Info

Developers hate WordPress — and so should marketers

WordPress is hands down the most popular CMS out there. Since it started in 2003, it’s accumulated a market share of 39% of websites on the internet. BBC America, the Washington Post, Walt Disney World, the government of Sweden, and, hell, even your favorite news source (TNW by the way) all use WordPress to build their websites. 

But while the CMS is powering the websites of so many businesses across the globe, the truth is that a majority of developers actually hate it.

In Stack Overflow’s annual Developer Survey, WordPress was voted the most dreaded platform to work with, in 2019

More Info

Add Custom SVGs via the Icon Block WordPress Plugin – WP Tavern

Nick Diego released the Icon Block plugin last week. Unlike similar blocks that are available, it does not rely on a third-party library. Instead, it caters to the developer and DIY crowd, allowing them to add any SVG directly to the editor.

Diego is the author of the Block Visibility plugin, which is just a little over a year old and shaping up to be the best project in the space. Over the summer, he expanded it with a pro version that adds value with more niche options. When it comes to the block editor, he has thus far shown a willingness to find creative solutions to problems…

More Info

Wish for a Killer Website Using WordPress for Your Business? Top Do's and Don'ts of WordPress – Customer Think

With more than 455 million websites now running on WordPress, it’s evident that this platform has taken the world by storm. Today, around 62% of the top 100 fastest-growing companies in the US use WordPress, and 70 million new blog posts pop up every month.

With its user-friendly interface and powerful tools, it becomes the favorite choice for all.
The best part is that with many WordPress themes and plugins, developers can do wonders with your website and take it from plain to unique in no time at all.

So, let’s get started.

Here are the top do’s and don’ts for those looking to…

More Info

WordPress Gutenberg 11.5 Achieves a Full Site Editing Milestone

WordPress Gutenberg 11.5, introduced a week ago, includes a new Widget Group Block that fixes several bugs and substantially improves the widget block editing experience.

The new feature, called the Widget Group Block, brings the true bug-free full site editing experience to the WordPress widget block area.

WordPress Widgets

WordPress Widgets are functionalities that are typically found in the sidebars and footer area of a typical web page.

The widget area can, for example, contain calendars, search bars, site navigation, and links to the latest posts.

WordPress Layout Showing Widget Areas

WordPress 5.8.1 security release addresses clutch of vulnerabilities

James Walker

10 September 2021 at 13:23 UTC

Updated: 10 September 2021 at 17:00 UTC

Block editor XSS and REST API data exposure issues among now-patched bugs

WordPress has rolled out an update to its core codebase that includes mitigations against several troublesome security flaws.

As well as fixing 61 bugs, WordPress 5.8.1, released yesterday (September 9), addresses a data exposure vulnerability within the REST API, an interface that allows plugins and themes to interact with WordPress core.


More Info

WordPress security: Information leak flaw addressed in Ninja Forms

Adam Bannister

08 September 2021 at 16:23 UTC

Updated: 09 September 2021 at 17:31 UTC

Developer reveals error-proofing improvements after delay to rollout of rapid fix

An information disclosure vulnerability has been patched in Ninja Forms, the form-building plugin for WordPress with more than one million active installations.

An authenticated attacker who abuses the flaw could export personal data submitted to websites via forms built with the extension.

The plugin’s developer, Saturday Drive,…

More Info

The 11 Best WordPress Plug-Ins for Supercharging Your Website

WordPress is so much more than a blogging tool. This flexible, easy-to-set-up web publishing platform has served as the foundation for more than 64 million websites since its launch more than a decade ago. Its popularity has spawned an incredibly rich plug-in ecosystem that helps webmasters improve their sites in many ways. From search engine optimization (SEO), to article enhancement, to comments management, you’ll find an amazing number of ways to trick out your WordPress installation’s base functionality, whether you’re hosting your own website or using a managed WordPress hosting…

More Info

How To Extend A WordPress Website Into A Business Web App

Other than being the world’s most popular Content Management System, WordPress also serves as a great boilerplate for building Web Apps. 

Yes, you can build Web Apps like Instagram, Freshbooks, or Exponentially using the WordPress PHP package as your starting point. You can build customized features, integrate APIs, and register users, with the same wholesome experience as you’d find in any other Web App.   

At this point, you might have questions like…

  • But isn’t WordPress a CMS, and not a framework? 
  • Wasn’t WordPress used for building websites? 
  • Why should I choose…

More Info

Business and Consumer Services tops WordPress Grid install base as of August 2021 – Verdict

The largest percentage of data and analytics solution WordPress Grid installations were in the business and consumer services sector as of August 2021, according to GlobalData Install Base database.

In all WordPress Grid deployments across sectors, the business and consumer services sector accounted for an 18.1% share, followed by construction with 18.1%.

In third place was healthcare with an 8.7% share and in fourth place was the media sector with 8.3%.

Among other prominent sectors in the IT solutions category were communications and IT with a 7.1% share, manufacturing with 6.3%,…

More Info