Last week, there were 74 vulnerabilities disclosed in 67 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 41 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
State of the Word 2025 brought the WordPress community together for an afternoon that felt both reflective and forward-moving, blending stories of global growth with technical milestones and glimpses of the future. This year also marked the twentieth State of the Word since the first address in 2006, a milestone noted in the WordPress history …
On June 10th, 2025, we received a submission for a Remote Code Execution vulnerability in Sneeit Framework, a WordPress plugin with an estimated 1,700 active installations. The plugin is bundled in multiple premium themes. This vulnerability can be leveraged to execute code remotely.
WordPress 6.9, code-named “Gene,” brings major upgrades to how teams collaborate and create. The Notes feature introduces block-level commenting to streamline reviewing and polishing content, navigating across the entire dashboard with the Command Palette is now faster for power users, and the new Abilities API provides a standardized way to open the door for AI-powered and automated workflows. Combined with all the performance and accessibility improvements, 6.9 is one to write home about.
You need translations, and WordPress offers a community system. But if you’re using translate.wordpress.org, you’ve likely seen delays and gaps. It’s not a lack of goodwill. It’s a problem too big for volunteers alone. The Actual State of WordPress Theme and Plugin Translation We analyzed the most widely used WordPress plugins and themes — the …
On November 18th, 2025, we received a submission for an unauthenticated Remote Code Execution vulnerability in Advanced Custom Fields: Extended, a WordPress plugin with more than 100,000 active installations. This vulnerability can be leveraged to execute code remotely.
On July 24th, 2025, we received a submission for a Privilege Escalation vulnerability in King Addons for Elementor, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative privileges by specifying the administrator user role during registration.
WordPress 6.9 includes a change that breaks backward compatibility with previous versions of WPML. We just released WPML 4.8.6 so you can update and be fully prepared. What’s Happening in WordPress 6.9 WordPress is a living project. The core team regularly optimizes performance, stability, and security, which sometimes means changing how things work under the …
The Divi Black Friday Sale 2025 is in its final hours — it ends today. It’s our biggest event yet, featuring huge discounts, free prizes, and a brand-new Divi 5 Design System. Get massive savings on Divi, Divi AI, Divi Cloud, Divi Teams, Divi VIP, and exclusive Divi Marketplace Bundles built for Divi 5 — …
Our Black Friday Sale is coming to a close, but there’s still time to take advantage of amazing deals on Divi Memberships, products, and services. This year’s sale marks the arrival of Divi 5 Beta, with all purchases including the exclusive Divi 5 Design System. With Divi 5 close to a full release, now is the time to take …
The Black Friday sale is live, and thousands of designers and site owners have already locked in their savings. Last year, Divi 5 was released in Public Alpha, but to many, it felt like a still distant reality. Today, the picture has shifted entirely. Divi 5 is now in Public Beta — the final phase …
The Divi Black Friday Sale is our biggest and most anticipated event of the year — and it’s officially live. This is your once-a-year chance to unlock massive savings on your Divi membership and repack your subscriptions for long-term value. For a limited time, you can reduce your current subscription cost by up to 80% …
Last week, there were 140 vulnerabilities disclosed in 129 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 58 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
The Divi Black Friday Sale is in full swing, offering an incredible opportunity to score big with exclusive Black Friday Bundles featuring Divi Pro and Divi Marketplace products. Whether you’re looking to dive into Divi Pro, elevate your membership with Divi Service Bundles, or expand your Divi toolset, we have bundles to suit all your …
The third Release Candidate (“RC3”) for WordPress 6.9 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC3 on a test server and site. Reaching this phase …
The Divi Black Friday Sale 2025 is live! It’s our biggest event yet — featuring huge discounts, free prizes, and a brand-new Divi 5 Design System. Get massive savings on Divi, Divi AI, Divi Cloud, Divi Teams, Divi VIP, and exclusive Divi Marketplace Bundles built for Divi 5. We’re giving away over $730,400 in prizes, …
Black Friday has arrived — and we’re offering you our boldest deal of the year. Whether you’re a web designer, developer, or small-business owner, now’s the time to take your site to the next level with industry-leading WordPress tools at a fraction of the price. Get 40% off all regular memberships or take $75 dollar …
With the Loop Builder feature in Divi 5, you can easily create a responsive grid using the free version of Advanced Custom Fields (ACF). In this post, we’ll demonstrate how to configure ACF, set up CSS Grid, and use the Loop Builder to build a team portfolio grid in well under an hour. If you …
As a website grows, small styling differences, such as a border radius on a button or spacing in a heading, begin to appear across pages. Fixing them means repeating the same changes over and over. We introduced Presets a while ago and continued to build upon the system. Divi 5 now takes it further with …
Every website owner wants an accessible website, but it often takes work and some research. While the average user can navigate a website without supporting technologies, many people, including potential customers and fans, rely on an unseen layer of your website. Subscribe To Our Youtube Channel Screen readers and other assistive technologies tap into this …
Building layouts in Divi continues to become more advanced and intuitive. You can now place modules inside other modules with Nested Modules. You can also put rows inside rows; these are called Nested Rows. Both give you more design freedom, and both sound pretty similar when you first hear about them. However, they operate at …
Last month in October 2025, the Wordfence Bug Bounty Program received 486 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem.
Last week, there were 106 vulnerabilities disclosed in 100 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 48 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Black Friday is one of the best opportunities of the year to secure an incredible tech stack for your WordPress sites at unbelievable prices. There is literally a deal for everyone, and we’ve put together some of our favorites for you to browse through. While you might already be aware of Divi’s Black Friday festivities, …
Blind and low-vision users use screen readers to browse the web. These tools read your site out loud. Screen readers can only work with what your code tells them about the component. The site might work fine for sighted visitors who don’t use assistive technology, but it becomes a mess for anyone relying on assistive …
On October 11th, 2025, we received a submission for an Account Takeover via Email Log Disclosure vulnerability in Post SMTP, a WordPress plugin with more than 400,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to view email logs, including password reset emails, and change the password of any user, including an administrator, which allows them to take over the account and the website.
The second Release Candidate (“RC2”) for WordPress 6.9 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC2 on a test server and site. Reaching this phase …
Our Divi Black Friday Sale isn’t just about the best discounts of the year — it’s about unlocking exclusive rewards. This year, we’re giving away thousands of premium products from the Divi Marketplace valued at over $730,400. You could walk away with up to eleven free prizes just by participating. In this post, we’ll give …
wordfence.com
wpml.org
elegantthemes.com
themify.me
woocommerce.com
