The upcoming release of WordPress 6.9 promises new blocks, enhanced collaboration features, and improved plugin security checks. Mark your calendars for the release on December 2nd, which coincides with State of the Word!
Details here: developer.wordpress.org/news/...
#WordPressDevelopment
Details here: developer.wordpress.org/news/...
#WordPressDevelopment
What’s new for developers? (November 2025)
Learn more about WordPress 6.9, updates from Gutenberg 21.9 and 22.0, and the Playground and AI teams.
developer.wordpress.org
November 10, 2025 at 8:01 PM
The upcoming release of WordPress 6.9 promises new blocks, enhanced collaboration features, and improved plugin security checks. Mark your calendars for the release on December 2nd, which coincides with State of the Word!
Details here: developer.wordpress.org/news/...
#WordPressDevelopment
Details here: developer.wordpress.org/news/...
#WordPressDevelopment
Acelle Connect – WordPress Plugin for Acelle Mail
https://stylelib.org/?p=176916
#codecanyon #email #newsletter #newsletters #plugin #wordpress #marketing
https://stylelib.org/?p=176916
#codecanyon #email #newsletter #newsletters #plugin #wordpress #marketing
November 11, 2025 at 7:05 AM
Acelle Connect – WordPress Plugin for Acelle Mail
https://stylelib.org/?p=176916
#codecanyon #email #newsletter #newsletters #plugin #wordpress #marketing
https://stylelib.org/?p=176916
#codecanyon #email #newsletter #newsletters #plugin #wordpress #marketing
True or false:
🧪 WordPress plugin conflicts are just part of life.
FALSE.
The new Font Awesome plugin injects SVGs right into post content, meaning fewer conflicts and more icon power.
Listen here→ www.podcastawesome.com/2092855/epis...
Watch here → youtu.be/Hyx1etpMOYs?...
🧪 WordPress plugin conflicts are just part of life.
FALSE.
The new Font Awesome plugin injects SVGs right into post content, meaning fewer conflicts and more icon power.
Listen here→ www.podcastawesome.com/2092855/epis...
Watch here → youtu.be/Hyx1etpMOYs?...
WordPress Just Got Awesome (Again) – Font Awesome Plugin v5 Deep Dive with Mike Wilkerson - Podcast Awesome
Episode Summary:We're heading back to the basement — (sort of). In this episode, Matt catches up with Mike Wilkerson, the OG guest of Podcast Awesome, to unveil the biggest update yet to the official ...
www.podcastawesome.com
November 10, 2025 at 5:01 PM
True or false:
🧪 WordPress plugin conflicts are just part of life.
FALSE.
The new Font Awesome plugin injects SVGs right into post content, meaning fewer conflicts and more icon power.
Listen here→ www.podcastawesome.com/2092855/epis...
Watch here → youtu.be/Hyx1etpMOYs?...
🧪 WordPress plugin conflicts are just part of life.
FALSE.
The new Font Awesome plugin injects SVGs right into post content, meaning fewer conflicts and more icon power.
Listen here→ www.podcastawesome.com/2092855/epis...
Watch here → youtu.be/Hyx1etpMOYs?...
400,000 WordPress Sites Affected by Account Takeover Vulnerability in Post SMTP WordPress Plugin #appsec
400,000 WordPress Sites Affected by Account Takeover Vulnerability in Post SMTP WordPress Plugin
Eyal Estrin
unread,
12:51 PM (5 minutes ago)
to
https://www.wordfence.com/blog/2025/11/400000-wordpress-sites-affected-by-account-takeover-vulnerability-in-post-smtp-wordpress-plugin/
Eyal Estrin
CISSP, CCSP, CISM, CISA, CDPSE, CCSK
Blog: https://security-24-7.com | Books: https://amzn.to/42Xai9A | https://amzn.to/3Sggbtv
Twitter: @eyalestrin | Bluesky: @eyalestrin.bsky.social
Reply all
Reply to author
Forward
groups.google.com
November 6, 2025 at 7:56 PM
400,000 WordPress Sites Affected by Account Takeover Vulnerability in Post SMTP WordPress Plugin #appsec
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
www.bleepingcomputer.com
November 4, 2025 at 9:47 PM
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
400.000 llocs de WordPress són vulnerables a un bug del plugin Post SMTP. Els atacants poden arribar a restablir les contrasenyes dels comptes d’administrador.
Registrada com a CVE-2025-11833, la vilnerabilitat té una puntuació de 9,8/10.
www.wordfence.com/blog/2025/11...
Registrada com a CVE-2025-11833, la vilnerabilitat té una puntuació de 9,8/10.
www.wordfence.com/blog/2025/11...
www.wordfence.com
November 5, 2025 at 6:25 AM
400.000 llocs de WordPress són vulnerables a un bug del plugin Post SMTP. Els atacants poden arribar a restablir les contrasenyes dels comptes d’administrador.
Registrada com a CVE-2025-11833, la vilnerabilitat té una puntuació de 9,8/10.
www.wordfence.com/blog/2025/11...
Registrada com a CVE-2025-11833, la vilnerabilitat té una puntuació de 9,8/10.
www.wordfence.com/blog/2025/11...
Notícia da SecurityWeek
"Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover " #bolhasec
"Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover " #bolhasec
Exploited 'Post SMTP' Plugin Flaw Exposes WordPress Sites to Takeover
Many websites exposed to account takeover due to a critical vulnerability in the email delivery WordPress plugin Post SMTP.
www.securityweek.com
November 5, 2025 at 11:30 PM
Notícia da SecurityWeek
"Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover " #bolhasec
"Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover " #bolhasec
A buddy eventually pointed me to a local WordPress via LocalWP.com and a plugin called "Advanced Custom Fields" to define my own post-types. This setup will probably work well enough and I'll give it an honest try, but I'm still considering rolling my own bespoke site manager via Unity/Godot......
November 7, 2025 at 4:57 AM
A buddy eventually pointed me to a local WordPress via LocalWP.com and a plugin called "Advanced Custom Fields" to define my own post-types. This setup will probably work well enough and I'll give it an honest try, but I'm still considering rolling my own bespoke site manager via Unity/Godot......
Plugin AI Engine pro WordPress vystavuje 100 000 webů útokům na eskalaci privilegií. gbhackers.com/ai-engine-wo...
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical vulnerability discovered in the AI Engine WordPress plugin threatens over 100,000 active installations worldwide.
gbhackers.com
November 5, 2025 at 12:05 PM
Plugin AI Engine pro WordPress vystavuje 100 000 webů útokům na eskalaci privilegií. gbhackers.com/ai-engine-wo...
On the plus side, at least that Elementor WordPress plugin is named “Elementor,” so I can write things like “ah, Elementor—my old foe! Thine markup remains as shambolic as ever, I see” as wizardpost placeholder for myself in accessibility documentation.
There are no other plus sides to Elementor.
There are no other plus sides to Elementor.
November 3, 2025 at 7:56 PM
On the plus side, at least that Elementor WordPress plugin is named “Elementor,” so I can write things like “ah, Elementor—my old foe! Thine markup remains as shambolic as ever, I see” as wizardpost placeholder for myself in accessibility documentation.
There are no other plus sides to Elementor.
There are no other plus sides to Elementor.
I submitted my first plugin to WordPress.org and am awaiting approval.
Strange side effect? Getting briefly excited by every WordPress email about some automatic update. Sigh.
#sustainabledolly #websustainability #webdev #wordpress
Strange side effect? Getting briefly excited by every WordPress email about some automatic update. Sigh.
#sustainabledolly #websustainability #webdev #wordpress
November 3, 2025 at 11:12 PM
I submitted my first plugin to WordPress.org and am awaiting approval.
Strange side effect? Getting briefly excited by every WordPress email about some automatic update. Sigh.
#sustainabledolly #websustainability #webdev #wordpress
Strange side effect? Getting briefly excited by every WordPress email about some automatic update. Sigh.
#sustainabledolly #websustainability #webdev #wordpress
I've been using the Greenshift wordpress plugin lately and it's easy one of the best plugins to support gutenberg blocks.
wordpress.org/plugins/gree...
wordpress.org/plugins/gree...
Greenshift – animation and page builder blocks
More than 20 special blocks for Gutenberg to build complex pages and animations with highest possible web vitals score.
wordpress.org
November 2, 2025 at 5:09 AM
I've been using the Greenshift wordpress plugin lately and it's easy one of the best plugins to support gutenberg blocks.
wordpress.org/plugins/gree...
wordpress.org/plugins/gree...
Can't wait to hear about how bad actors exploited an old WordPress plugin that hits millions of websites everywhere all at once.
October 31, 2025 at 11:57 PM
Can't wait to hear about how bad actors exploited an old WordPress plugin that hits millions of websites everywhere all at once.
WordPress security plugin exposes private data to site subscribers
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
WordPress security plugin exposes private data to site subscribers
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposi...
www.bleepingcomputer.com
October 31, 2025 at 12:21 PM
WordPress security plugin exposes private data to site subscribers
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Does anyone know a website by a news organisation, that is federated into the #fediverse via the plugin for #wordpress? Would be a nice addition for my collection:
https://fingolas.eu/fediverse/overview.html
Maybe @pfefferle?
#socialmedia #activitypub
https://fingolas.eu/fediverse/overview.html
Maybe @pfefferle?
#socialmedia #activitypub
Media in the Fediverse
fingolas.eu
October 31, 2025 at 8:43 PM
Does anyone know a website by a news organisation, that is federated into the #fediverse via the plugin for #wordpress? Would be a nice addition for my collection:
https://fingolas.eu/fediverse/overview.html
Maybe @pfefferle?
#socialmedia #activitypub
https://fingolas.eu/fediverse/overview.html
Maybe @pfefferle?
#socialmedia #activitypub
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposing private information.
WordPress security plugin exposes private data to site subscribers
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposing private information.
www.bleepingcomputer.com
October 29, 2025 at 8:44 PM
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposing private information.
Attackers Actively Exploiting Critical Vulnerability in WP Freeio Plugin
www.wordfence.com/blog/2025/10...
We urge users to ensure their sites are updated with the latest patched version(1.2.22) at the time of this writing, as soon as possible.
#wordpress #wordpresssecurity #wordpresssecuritynews
www.wordfence.com/blog/2025/10...
We urge users to ensure their sites are updated with the latest patched version(1.2.22) at the time of this writing, as soon as possible.
#wordpress #wordpresssecurity #wordpresssecuritynews
October 29, 2025 at 7:49 PM
Attackers Actively Exploiting Critical Vulnerability in WP Freeio Plugin
www.wordfence.com/blog/2025/10...
We urge users to ensure their sites are updated with the latest patched version(1.2.22) at the time of this writing, as soon as possible.
#wordpress #wordpresssecurity #wordpresssecuritynews
www.wordfence.com/blog/2025/10...
We urge users to ensure their sites are updated with the latest patched version(1.2.22) at the time of this writing, as soon as possible.
#wordpress #wordpresssecurity #wordpresssecuritynews
We've recently made several little accuracy and design updates to improve and further simplify the Plausible installation experience.
👉 We detect what technology you use on your site to recommend the best integration method: direct site installation, WordPress plugin, Tag Manger, or NPM.
contd.
👉 We detect what technology you use on your site to recommend the best integration method: direct site installation, WordPress plugin, Tag Manger, or NPM.
contd.
October 30, 2025 at 11:46 AM
We've recently made several little accuracy and design updates to improve and further simplify the Plausible installation experience.
👉 We detect what technology you use on your site to recommend the best integration method: direct site installation, WordPress plugin, Tag Manger, or NPM.
contd.
👉 We detect what technology you use on your site to recommend the best integration method: direct site installation, WordPress plugin, Tag Manger, or NPM.
contd.
Rogue WordPress Plugin Conceals Multi-Tiered Credit Card Skimmers in Fake PNG Files
www.wordfence.com/blog/2025/10...
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin.
www.wordfence.com/blog/2025/10...
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin.
October 29, 2025 at 6:27 PM
Rogue WordPress Plugin Conceals Multi-Tiered Credit Card Skimmers in Fake PNG Files
www.wordfence.com/blog/2025/10...
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin.
www.wordfence.com/blog/2025/10...
The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin.
thats the free version of the wordpress maintenance plugin
i know because i'm setting up a wp site and thats the default image of it
i know because i'm setting up a wp site and thats the default image of it
October 28, 2025 at 3:54 PM
thats the free version of the wordpress maintenance plugin
i know because i'm setting up a wp site and thats the default image of it
i know because i'm setting up a wp site and thats the default image of it
WordPress Contact Form CFDB7 (≤1.3.2) hit by CRITICAL pre-auth SQL injection & PHP object injection. Disable plugin or apply WAF rules until patched. High risk for web admins! https://radar.offseq.com/threat/cve-2025-4665-cwe-89-improper-neutralization-of-sp-5cca9eab #OffSeq #WordPress #VulnAlert
October 29, 2025 at 1:31 AM
WordPress Contact Form CFDB7 (≤1.3.2) hit by CRITICAL pre-auth SQL injection & PHP object injection. Disable plugin or apply WAF rules until patched. High risk for web admins! https://radar.offseq.com/threat/cve-2025-4665-cwe-89-improper-neutralization-of-sp-5cca9eab #OffSeq #WordPress #VulnAlert
Our team developed an open-source WordPress plugin that lets you pull in items from your ORCID profile and display them on your site. Very cool!
Schopieray, S., & Eben, G. (2025). Linked Open Profiles - ORCID Global Participation Fund Final Report 2025 (p. 3). MSU Commons. doi.org/10.17613/ypc...
Schopieray, S., & Eben, G. (2025). Linked Open Profiles - ORCID Global Participation Fund Final Report 2025 (p. 3). MSU Commons. doi.org/10.17613/ypc...
Linked Open Profiles - ORCID Global Participation Fund Final Report 2025
Our project, Linked Open Profiles, is a WordPress plugin designed to display ORCID profile data directly on websites. With ORCID Global Participation Fund (GPF) support, we moved the tool from a proto...
doi.org
October 27, 2025 at 9:38 AM
Our team developed an open-source WordPress plugin that lets you pull in items from your ORCID profile and display them on your site. Very cool!
Schopieray, S., & Eben, G. (2025). Linked Open Profiles - ORCID Global Participation Fund Final Report 2025 (p. 3). MSU Commons. doi.org/10.17613/ypc...
Schopieray, S., & Eben, G. (2025). Linked Open Profiles - ORCID Global Participation Fund Final Report 2025 (p. 3). MSU Commons. doi.org/10.17613/ypc...
This Week in WordPress #354
This episode covers WordPress 6.9’s new features and testing guide, major UK cyber attacks, security insights, and why Malwarebytes chose WordPress. The panel discusses plugin lifetime deals, the rise of newsletters, and the pros and cons o
wpbuilds.com/2025/10/28/t...
This episode covers WordPress 6.9’s new features and testing guide, major UK cyber attacks, security insights, and why Malwarebytes chose WordPress. The panel discusses plugin lifetime deals, the rise of newsletters, and the pros and cons o
wpbuilds.com/2025/10/28/t...
October 28, 2025 at 7:03 AM
This Week in WordPress #354
This episode covers WordPress 6.9’s new features and testing guide, major UK cyber attacks, security insights, and why Malwarebytes chose WordPress. The panel discusses plugin lifetime deals, the rise of newsletters, and the pros and cons o
wpbuilds.com/2025/10/28/t...
This episode covers WordPress 6.9’s new features and testing guide, major UK cyber attacks, security insights, and why Malwarebytes chose WordPress. The panel discusses plugin lifetime deals, the rise of newsletters, and the pros and cons o
wpbuilds.com/2025/10/28/t...
TextHumanizer for WordPress is a great tool to make AI-generated content sound more human. This plugin can help avoid flagging by search engines and ensure authenticity. Try it out today! #WordPress #AI https://www.wpsolver.com/texthumanizer/
AI is enabling a lot of people to come up with lots of content in almost no time. Unfortunately, without the right prompt your content may not sound too authentic. It could also get your site flagged by the search engines. TextHumanizer is a handy plugin that makes your AI content sound more human.Currently Trending […]
www.wpsolver.com
October 21, 2025 at 10:44 AM
TextHumanizer for WordPress is a great tool to make AI-generated content sound more human. This plugin can help avoid flagging by search engines and ensure authenticity. Try it out today! #WordPress #AI https://www.wpsolver.com/texthumanizer/
Last week in the Vercel Community...
* Open source Wordpress plugin for Vercel projects
* Basketball Bingo, a daily NBA trivia grid
* Zero-config support for NestJS backends
* Preview of v0 in Slack on stage at Dreamforce 2025
* Open source Wordpress plugin for Vercel projects
* Basketball Bingo, a daily NBA trivia grid
* Zero-config support for NestJS backends
* Preview of v0 in Slack on stage at Dreamforce 2025
News Cache (2025-10-20)
🖤 Highlights Agents at work, a partnership with Salesforce and Slack Braintrust joins the Vercel Marketplace Anomaly alerts now in public beta Zero-configuration support for NestJS ⭐ Community Proje...
community.vercel.com
October 20, 2025 at 2:58 PM
Last week in the Vercel Community...
* Open source Wordpress plugin for Vercel projects
* Basketball Bingo, a daily NBA trivia grid
* Zero-config support for NestJS backends
* Preview of v0 in Slack on stage at Dreamforce 2025
* Open source Wordpress plugin for Vercel projects
* Basketball Bingo, a daily NBA trivia grid
* Zero-config support for NestJS backends
* Preview of v0 in Slack on stage at Dreamforce 2025