WordPress.com which is the business side of WordPress has announced that it is entering the custom premium website development business called Built By WordPress. This is part of Automattic Inc., an American global distributed company founded in August 2005 which runs websites that include WooCommerce, Gravatar, Jetpack, and Akismet, among others. This new year announcement has however not been well received by the WordPress web development community who view this as their business being cannibalized or taken over by WordPress who they believe should just be running the ecosystem. Happy 2021 folks! What is a blog?, its history and its difference with a website One user has already branded Automattic and WordPress the Amazon of web development business given the controversy of how A...
WordPress 5.6 Simone is the latest WordPress version release. The plugin is named after the legendary performer Nina Simone, who is known for tunes like “Feeling Good”, “Young, Gifted and Black”, and “Four Women”. Fire up a playlist with her best work and read on to discover what we have in store for you. What's new with WordPress 5.6 Simone? Here is what is coming up with this great WordPress update. REST API authentication with Application Passwords This is by far the biggest and riskiest improvement. WordPress 5.6 will now allow external applications or third-party apps to request permission seamlessly to connect to your website and generate a password specific to that application. This update means that once the application is granted access, it can perform certain specific actions
Three critical privilege escalation vulnerabilities have been discovered in the Ultimate Member plugin that exposed over 100,000 websites to hacking risk. These loopholes made it possible for attackers to breach and escalate their privileges to those of an administrator and leading to a forced take over a WordPress site. Ultimate Member is a widely used WordPress plugin that enhances user registration and account control on WordPress websites. This plugin also enables site owners to create custom roles and manage the privileges of site members. The plugin thus automatically creates three forms: user registration, user login, and user profile management as part of its functionality. How the vulnerabilities in Ultimate member plugin risked your website This flaw which was detected by th...
In our previous tutorial, we learned how to create a new page in WordPress. In this tutorial, we will show you how to set the Featured Image in the Gutenberg Editor in WordPress. With just a few clicks, you can create a page that has a featured image with little effort. The Featured Image, also called the Post Thumbnail per the WordPress Codex, is the main representative image of a post or page. A featured image is very important for your website posts and pages, because this is most often what will show when shared on social media, or other platforms. It will also become the image used to represent the post when a specific theme may call for the featured image. For example, if your website theme has a section to show multiple images representing posts, then the featured ima
In this tutorial, we will show you how to create a WordPress page and how to add it to your website’s navigation menu. With just a few clicks, you can create a page in WordPress with little effort. The length of the post may make the process seem daunting, but it’s really not that difficult. Once you do it a few times, you’ll get the hang of it. How to Create a Page in WordPress. The first thing you’ll want to do is, log in to your WordPress website’s admin area. Once you have done that, click on the “Pages” menu item in the left navigation menu. This will take you to a list of all your pages. Build your first ever blog 20 minutes, 3 Simple Steps To get started adding a new page to your WordPress site, find the Pages menu in the WordPress Dashboard Navigation menu. Click
The WordFence Threat Intelligence team detected two vulnerabilities in Quiz and Survey Master (QSM), a WordPress plugin that is installed on over 30,000 sites. These flaws made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution, as well as delete arbitrary files like a site’s wp-config.php file which could effectively take a site offline and allow an attacker to take over the vulnerable site. How Quiz and Survey Master is used in WordPress The Quiz and Survey Master is used in WordPress to add quizzes and surveys to sites. One of its features allows site owners to implement file uploads as a response type for a quiz or survey, which could be useful in a number of scenarios, such as a job application questionnaire with a PDF resume upl
A flaw in The Official Facebook Chat Plugin made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors on affected sites. This WordPress plugin is currently installed on over 80,000 sites. What is the Facebook Chat plugin The Official WordPress Facebook Chat plugin is a very simple plugin that is used to add a “Facebook Messenger” chat pop-up to any WordPress site and connect a site owner’s chosen Facebook page to receive messages and interact with site visitors. This vulnerability could be exploited and easily go undetected by a site owner, causing site visitors to interact with an attacker instead of the site owner. Exploit attempts targeting this vulnerabilit
The WordFence Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers developed by plugin’s author, Tunafish. They discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution(RCE), which could allow complete site takeover. How the vulnerabilities were engaged Description: Unauthenticated Arbitrary File Upload leading to Remote Code Execution Affected Plugin: Adning Advertising Plugin Slug: angwp Affected Versions: < 1.5.6 CVE ID: N/A CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS score: 10.0(critical) Patched Version: 1.5.6 One functionality of the Adning plugi
Adding a Zoom Video Conference meeting directly into your website is a great deal right now. This is a great avenue to get more participants join your Zoom meetings. Having the HTML Zoom Meeting available directly on your website is among the few new ways to use Zoom on your website. it gives your clients a direct single location option for zoom meetings, this from a branding perspective is a win for your business. Steps to embed Zoom Meetings Step 1 — Create a Wordpress Website Step 2 — Download & Install Zoom Meetings for Wordpress Plugin Step 3 — Create an App with API Key Step 4 — Add API keys into Wordpress Step 5 — Use Shortcode on Webpage (With Zoom Meeting ID) Step 6 — Publish Page How to Install the Zoom integration Wordpress Plugin The process o
Fatal Error: max_execution_time exceeded, If you are getting this screen message on WordPress it is because the PHP script you are trying to run is perhaps taking longer to complete than the limit on your server allows. This is actually among the most common WordPress errors, and could also be in warning messages like: “Maximum execution time of 30 seconds exceeded” or “Maximum execution time of 60 seconds exceeded”. This means that it is taking to longer for a process to complete and it is timing out. Usually, web servers set a time limit on how long a script should or can run. The time limit is set in order to prevent your webserver from abuse. WordPress is a CMS made up of PHP scripts and thus each script must run completely within the set time limits. 30 seconds is the standard t