Bleeping Computer

Jupiter X Core WordPress plugin could let hackers hijack sites

Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication.
TechCrunch

Automattic says it will reduce its contribution to WordPress core project to match WP Engine

It’s a new year, but drama in the WordPress community keeps going. Automattic, the company that runs WordPress.com, said that it would reduce its contribution to WordPress core, the open source ...
Searchenginejournal.com

WordPress Gutenberg 10.1 Boosts Core Web Vitals

WordPress announced the release of Gutenberg 10.1 and buried in all the little details of new features was an improvement that publishers have been waiting for. Google is soon updating their algorithm ...
Threat Post

WordPress Patches Serious Shortcodes Core Engine Vulnerability

WordPress upgraded to 4.3.1, patching a pair of vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes. WordPress core engine security ...
Bleeping Computer

Unpatched Flaw Disclosed in WordPress CMS Core

Security researchers from RIPS disclosed today details about an unpatched security flaw impacting WordPress, the Internet's most popular content management system (CMS). RIPS researchers say they have ...
Searchenginejournal.com

Jetpack Boost For WordPress Core Web Vitals is Ready

Automattic, founded by the same person who created WordPress, formally launched Jetpack Boost, a free plugin that helps web pages optimize for Core Web Vitals. This is important because Core Web ...
ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

According to the Sucuri WordPress security team, the vulnerability emerged in version 6.4 of the software, which is used as an alternative to FTP in managing file transfers, copying, deletion, and ...