Plugins

ACF Chat Fridays: ACF Blocks Inline Editing Demo

ACF Chat Fridays is a monthly meetup for the Advanced Custom Fields community. The May 2, 2025 session featured a demo of inline editing for ACF Blocks, discussed ACF PRO 6.4's release, and encouraged community feedback. Hosted by Iain Poulson and others, it highlighted streamlined workflows and introduced new features while maintaining backward compatibility. Inline editing will be optional and not support certain complex fields initially. Upcoming sessions are scheduled monthly, with the next on June 6, 2025.

https://www.advancedcustomfields.com/blog/acf-chat-fridays-acf-blocks-inline-editing-demo/

How to Add an Author Bio to Your WordPress Posts

Author bios enhance credibility in WordPress posts, aiding personal branding and SEO. Various methods are available to add bios, including editing user profiles, utilizing theme options, plugins, or manual coding. Key steps involve editing user profiles for bio info, adding profile pictures via Gravatar, and checking theme support for bio sections. Several recommended plugins (e.g., Simple Author Box, WP Post Author) allow for customizable bios, while coding offers full control. Schema markup can improve SEO, and troubleshooting tips address common issues like missing bios or images. Tools like Jetpack AI Assistant can streamline content creation for authors.

https://jetpack.com/resources/add-author-bio-in-wordpress/

Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation

On May 2, 2025, a critical vulnerability in the OttoKit: All-in-One Automation Platform (formerly SureTriggers) plugin was added to the Wordfence vulnerability database, allowing unauthenticated attackers and those with a valid application password to gain admin access. Exploitation began the same day, with mass attacks starting May 4, resulting in over 2,400 blocked attempts. Users are advised to update to the patched version 1.0.83 if not already applied. Indicators of compromised sites include suspicious admin account creation patterns. Wordfence customers received protection immediately, while free users will get it by June 1, 2025.

https://www.wordfence.com/blog/2025/05/recently-disclosed-suretriggers-critical-privilege-escalation-vulnerability-under-active-exploitation/

WordPress Security Research Series: Setting Up Your Research Lab

Part 3 of the WordPress Security Research Beginner Series outlines setting up an effective research lab for WordPress vulnerability testing. It emphasizes the importance of a flexible, low-maintenance environment and reviews setup options like Docker, WP Engine’s Local, and Devbox. Each platform has pros and cons regarding isolation, resource consumption, and configuration flexibility. Configuration advice for wp-config.php, PHP settings, and nuances in PHP and MySQL versions is provided to ensure accurate testing of vulnerabilities. Researchers are encouraged to participate in the Wordfence Bug Bounty Program, which offers significant rewards for reported vulnerabilities.

https://www.wordfence.com/blog/2025/05/wordpress-security-research-series-setting-up-your-research-lab/

How to Add Custom Fonts to WordPress (Step-by-Step Guide)

Adding custom fonts to WordPress enhances branding and website appearance, offering various methods: using the Font Library, Customizer, plugins, or coding in a child theme. Understanding font formats is crucial; WOFF and WOFF2 are recommended for compatibility. Each method has pros and cons regarding ease and customization. Optimizing font performance, ensuring accessibility, and addressing common issues like slow-loading fonts are essential for a better user experience. Jetpack AI Assistant can streamline content creation and optimize workflows for a more efficient design process.

https://jetpack.com/resources/how-to-add-font-to-wordpress/

How to Use WordPress Reusable Blocks Effectively

  • WordPress reusable blocks (now “synced patterns”) enable site-wide content updates from a single edit.
  • Useful for standard content (CTAs, bios) but limited for complex data or logic.
  • ACF Blocks offer advanced customization with fields and dynamic data handling.
  • Users can manage, edit, and organize their patterns easily within WordPress.
  • Export and import patterns via WordPress tools or plugins for multi-site management.
  • ACF Blocks enhance flexibility for complex content without requiring extensive coding knowledge.

https://www.advancedcustomfields.com/blog/wordpress-reusable-block/

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 21, 2025 to April 27, 2025)

TLDR: Wordfence released its 2024 WordPress security report, detailing 230 vulnerabilities in plugins/themes and highlighting tools for vulnerable site management. Last week, 146 unpatched and 84 patched vulnerabilities were reported. Severe vulnerabilities include 25 critical, 35 high, and 170 medium. The report lists contributions of individual security researchers to WordPress security. Free tools and APIs are available for vulnerability scanning and updates.

https://www.wordfence.com/blog/2025/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-april-21-2025-to-april-27-2025/

How to Duplicate a Page in WordPress (3 Easy Methods)

TLDR: Duplicate pages in WordPress for efficiency, design consistency, and A/B testing. Methods include using plugins (e.g., Jetpack, Yoast Duplicate Post, Duplicate Page), manual duplication, or custom code for advanced users. Essential tips: review duplicates, rename titles, update SEO settings, and adjust URL slugs. Improve efficiency further with Jetpack AI Assistant for content generation and editing.

https://jetpack.com/resources/how-to-duplicate-a-page-in-wordpress/

Wordfence: The World’s Leading Quality WordPress Vulnerability Intelligence Provider

TL;DR: Wordfence 2024 Report
– Released 2024 Annual WordPress Security Report confirming Wordfence's leadership in WordPress vulnerability intelligence via high-quality research and Bug Bounty Program.
– 8,233 vulnerabilities added in 2024 (41.7% of CVEs); 4,534 in 2025 (29%).
– Processed 65.8% of vulnerabilities in software with 50,000+ installs in 2024; 68.2% in 2025.
– 45.2% of high-threat vulnerabilities addressed in 2024; 66.7% for software with 50,000+ installs.
– Other providers focus on lower-impact vulnerabilities, creating noise and poor disclosure practices.
– Wordfence prioritizes impactful vulnerabilities, maintaining free detailed intelligence for community protection and security improvements.

https://www.wordfence.com/blog/2025/04/wordfence-the-worlds-leading-quality-wordpress-vulnerability-intelligence-provider/

Scroll to Top