From Wikipedia for FEVERv2
Jump to navigation Jump to search

This article is about the web content management system (WordPress.org). WordPress_sentence_0

For the blog host, see WordPress.com. WordPress_sentence_1


Developer(s)WordPress_header_cell_0_0_0 WordPress FoundationWordPress_cell_0_0_1
Initial releaseWordPress_header_cell_0_1_0 May 27, 2003; 17 years ago (2003-05-27)WordPress_cell_0_1_1
Stable releaseWordPress_header_cell_0_2_0 5.5.3
  / 2020-10-30WordPress_cell_0_2_1
RepositoryWordPress_header_cell_0_3_0 Q13166#P1324WordPress_cell_0_3_1
Written inWordPress_header_cell_0_4_0 PHPWordPress_cell_0_4_1
Operating systemWordPress_header_cell_0_5_0 Unix-like, Windows, LinuxWordPress_cell_0_5_1
TypeWordPress_header_cell_0_6_0 Blog software, content management system, content management frameworkWordPress_cell_0_6_1
LicenseWordPress_header_cell_0_7_0 GPLv2+WordPress_cell_0_7_1
WebsiteWordPress_header_cell_0_8_0 WordPress_cell_0_8_1

WordPress (WP, WordPress.org) is a free and open-source content management system (CMS) written in PHP and paired with a MySQL or MariaDB database. WordPress_sentence_2

Features include a plugin architecture and a template system, referred to within WordPress as Themes. WordPress_sentence_3

WordPress was originally created as a blog-publishing system but has evolved to support other types of web content including more traditional mailing lists and forums, media galleries, membership sites, learning management systems (LMS) and online stores. WordPress_sentence_4

WordPress is used by more than 60 million websites, including 33.6% of the top 10 million websites as of April 2019, WordPress is one of the most popular content management system solutions in use. WordPress_sentence_5

WordPress has also been used for other application domains such as pervasive display systems (PDS). WordPress_sentence_6

WordPress was released on May 27, 2003, by its founders, American developer Matt Mullenweg and English developer Mike Little, as a fork of b2/cafelog. WordPress_sentence_7

The software is released under the GPLv2 (or later) license. WordPress_sentence_8

To function, WordPress has to be installed on a web server, either part of an Internet hosting service like WordPress.com or a computer running the software package WordPress.org in order to serve as a network host in its own right. WordPress_sentence_9

A local computer may be used for single-user testing and learning purposes. WordPress_sentence_10

Overview WordPress_section_0

"WordPress is a factory that makes webpages" is a core analogy designed to clarify the functions of WordPress: it stores content and enables a user to create and publish webpages, requiring nothing beyond a domain and a hosting service. WordPress_sentence_11

WordPress has a web template system using a template processor. WordPress_sentence_12

Its architecture is a front controller, routing all requests for non-static URIs to a single PHP file which parses the URI and identifies the target page. WordPress_sentence_13

This allows support for more human-readable permalinks. WordPress_sentence_14

Themes WordPress_section_1

WordPress users may install and switch among different themes. WordPress_sentence_15

Themes allow users to change the look and functionality of a WordPress website without altering the core code or site content. WordPress_sentence_16

Every WordPress website requires at least one theme to be present and every theme should be designed using WordPress standards with structured PHP, valid HTML (HyperText Markup Language), and Cascading Style Sheets (CSS). WordPress_sentence_17

Themes may be directly installed using the WordPress "Appearance" administration tool in the dashboard, or theme folders may be copied directly into the themes directory, for example via . WordPress_sentence_18

The PHP, HTML and CSS found in themes can be directly modified to alter theme behavior, or a theme can be a "child" theme that inherits settings from another theme and selectively overrides features. WordPress_sentence_19

WordPress themes are generally classified into two categories: free and premium. WordPress_sentence_20

Many free themes are listed in the WordPress theme directory (also known as the repository), and premium themes are available for purchase from marketplaces and individual WordPress developers. WordPress_sentence_21

WordPress users may also create and develop their own custom themes. WordPress_sentence_22

The free theme Underscores created by the WordPress developers has become a popular basis for new themes. WordPress_sentence_23

Plugins WordPress_section_2

WordPress' plugin architecture allows users to extend the features and functionality of a website or blog. WordPress_sentence_24

As of January 2020, WordPress.org has 55,487 plugins available, each of which offers custom functions and features enabling users to tailor their sites to their specific needs. WordPress_sentence_25

However, this does not include the premium plugins that are available (approximately 1,500+), which may not be listed in the WordPress.org repository. WordPress_sentence_26

These customizations range from search engine optimization (SEO), to client portals used to display private information to logged in users, to content management systems, to content displaying features, such as the addition of widgets and navigation bars. WordPress_sentence_27

Not all available plugins are always abreast with the upgrades and as a result they may not function properly or may not function at all. WordPress_sentence_28

Most plugins are available through WordPress themselves, either via downloading them and installing the files manually via or through the WordPress dashboard. WordPress_sentence_29

However, many third parties offer plugins through their own websites, many of which are paid packages. WordPress_sentence_30

Web developers who wish to develop plugins need to learn WordPress' hook system which consists of over 300 hooks divided into two categories: action hooks and filter hooks. WordPress_sentence_31

Mobile applications WordPress_section_3

Phone apps for WordPress exist for WebOS, Android, iOS (iPhone, iPod Touch, iPad), Windows Phone, and BlackBerry. WordPress_sentence_32

These applications, designed by Automattic, have options such as adding new blog posts and pages, commenting, moderating comments, replying to comments in addition to the ability to view the stats. WordPress_sentence_33

Accessibility WordPress_section_4

The WordPress Accessibility Team has worked to improve the accessibility for core WordPress as well as support a clear identification of accessible themes. WordPress_sentence_34

The WordPress Accessibility Team provides continuing educational support about web accessibility and inclusive design. WordPress_sentence_35

The WordPress Accessibility Coding Standards state that "All new or updated code released in WordPress must conform with the Web Content Accessibility Guidelines 2.0 at level AA." WordPress_sentence_36

Other features WordPress_section_5

WordPress also features integrated link management; a search engine–friendly, clean permalink structure; the ability to assign multiple categories to posts; and support for tagging of posts. WordPress_sentence_37

Automatic filters are also included, providing standardized formatting and styling of text in posts (for example, converting regular quotes to smart quotes). WordPress_sentence_38

WordPress also supports the Trackback and Pingback standards for displaying links to other sites that have themselves linked to a post or an article. WordPress_sentence_39

WordPress posts can be edited in HTML, using the visual editor, or using one of a number of plugins that allow for a variety of customized editing features. WordPress_sentence_40

Multi-user and multi-blogging WordPress_section_6

Prior to version 3, WordPress supported one blog per installation, although multiple concurrent copies may be run from different directories if configured to use separate database tables. WordPress_sentence_41

WordPress Multisites (previously referred to as WordPress Multi-User, WordPress MU, or WPMU) was a fork of WordPress created to allow multiple blogs to exist within one installation but is able to be administered by a centralized maintainer. WordPress_sentence_42

WordPress MU makes it possible for those with websites to host their own blogging communities, as well as control and moderate all the blogs from a single dashboard. WordPress_sentence_43

WordPress MS adds eight new data tables for each blog. WordPress_sentence_44

As of the release of WordPress 3, WordPress MU has merged with WordPress. WordPress_sentence_45

History WordPress_section_7

b2/cafelog, more commonly known as b2 or cafelog, was the precursor to WordPress. WordPress_sentence_46

b2/cafelog was estimated to have been installed on approximately 2,000 blogs as of May 2003. WordPress_sentence_47

It was written in PHP for use with MySQL by Michel Valdrighi, who is now a contributing developer to WordPress. WordPress_sentence_48

Although WordPress is the official successor, another project, b2evolution, is also in active development. WordPress_sentence_49

WordPress first appeared in 2003 as a joint effort between Matt Mullenweg and Mike Little to create a fork of b2. WordPress_sentence_50

Christine Selleck Tremoulet, a friend of Mullenweg, suggested the name WordPress. WordPress_sentence_51

In 2004 the licensing terms for the competing Movable Type package were changed by Six Apart, resulting in many of its most influential users migrating to WordPress. WordPress_sentence_52

By October 2009 the Open Source CMS MarketShare Report concluded that WordPress enjoyed the greatest brand strength of any open-source content management system. WordPress_sentence_53

As of June 2019, WordPress is used by 60.8% of all the websites whose content management system is known. WordPress_sentence_54

This is 27.5% of the top 10 million websites. WordPress_sentence_55

Awards and recognition WordPress_section_8


  • Winner of InfoWorld's "Best of open source software awards: Collaboration", awarded in 2008.WordPress_item_0_0
  • Winner of Open Source CMS Awards's "Overall Best Open Source CMS", awarded in 2009.WordPress_item_0_1
  • Winner of digitalsynergy's "Hall of Fame CMS category in the 2010 Open Source", awarded in 2010.WordPress_item_0_2
  • Winner of InfoWorld's "Bossie award for Best Open Source Software", awarded in 2011.WordPress_item_0_3
  • WordPress has a five star privacy rating from the Electronic Frontier Foundation.WordPress_item_0_4

Release history WordPress_section_9

Main releases of WordPress are codenamed after well-known jazz musicians, starting from version 1.0. WordPress_sentence_56


Legend:WordPress_header_cell_1_0_0 Old version, not maintainedWordPress_cell_1_0_1 Older version, still maintainedWordPress_cell_1_0_2 Current stable versionWordPress_cell_1_0_3 Latest preview versionWordPress_cell_1_0_4 Future releaseWordPress_cell_1_0_5


VersionWordPress_header_cell_2_0_0 Code nameWordPress_header_cell_2_0_1 Release dateWordPress_header_cell_2_0_2 NotesWordPress_header_cell_2_0_3
Old version, no longer maintained: 0.7WordPress_header_cell_2_1_0 noneWordPress_cell_2_1_1 May 27, 2003WordPress_cell_2_1_2 Used the same file structure as its predecessor, b2/cafelog, and continued the numbering from its last release, 0.6. Only 0.71-gold is available for download in the official WordPress Release Archive page.WordPress_cell_2_1_3
Old version, no longer maintained: 1.0WordPress_header_cell_2_2_0 DavisWordPress_cell_2_2_1 January 3, 2004WordPress_cell_2_2_2 Added search engine friendly permalinks, multiple categories, dead simple installation and upgrade, comment moderation, XFN support, Atom support.WordPress_cell_2_2_3
Old version, no longer maintained: 1.2WordPress_header_cell_2_3_0 MingusWordPress_cell_2_3_1 May 22, 2004WordPress_cell_2_3_2 Added support of Plugins; which same identification headers are used unchanged in WordPress releases as of 2011.WordPress_cell_2_3_3
Old version, no longer maintained: 1.5WordPress_header_cell_2_4_0 StrayhornWordPress_cell_2_4_1 February 17, 2005WordPress_cell_2_4_2 Added a range of vital features, such as ability to manage static pages and a template/Theme system. It was also equipped with a new default template (code named Kubrick). designed by Michael Heilemann.WordPress_cell_2_4_3
Old version, no longer maintained: 2.0WordPress_header_cell_2_6_0 DukeWordPress_cell_2_6_1 December 31, 2005WordPress_cell_2_6_2 Added rich editing, better administration tools, image uploading, faster posting, improved import system, fully overhauled the back end, and various improvements to Plugin developers.WordPress_cell_2_6_3
Old version, no longer maintained: 2.1WordPress_header_cell_2_7_0 EllaWordPress_cell_2_7_1 January 22, 2007WordPress_cell_2_7_2 Corrected security issues, redesigned interface, enhanced editing tools (including integrated spell check and auto save), and improved content management options.WordPress_cell_2_7_3
Old version, no longer maintained: 2.2WordPress_header_cell_2_8_0 GetzWordPress_cell_2_8_1 May 16, 2007WordPress_cell_2_8_2 Added widget support for templates, updated Atom feed support, and speed optimizations.WordPress_cell_2_8_3
Old version, no longer maintained: 2.3WordPress_header_cell_2_9_0 DexterWordPress_cell_2_9_1 September 24, 2007WordPress_cell_2_9_2 Added native tagging support, new taxonomy system for categories, and easy notification of updates, fully supports Atom 1.0, with the publishing protocol, and some much needed security fixes.WordPress_cell_2_9_3
Old version, no longer maintained: 2.5WordPress_header_cell_2_10_0 BreckerWordPress_cell_2_10_1 March 29, 2008WordPress_cell_2_10_2 Major revamp to the dashboard, dashboard widgets, multi-file upload, extended search, improved editor, improved plugin system and more.WordPress_cell_2_10_3
Old version, no longer maintained: 2.6WordPress_header_cell_2_11_0 TynerWordPress_cell_2_11_1 July 15, 2008WordPress_cell_2_11_2 Added new features that made WordPress a more powerful CMS: it can now track changes to every post and page and allow easy posting from anywhere on the web.WordPress_cell_2_11_3
Old version, no longer maintained: 2.7WordPress_header_cell_2_12_0 ColtraneWordPress_cell_2_12_1 December 11, 2008WordPress_cell_2_12_2 Administration interface redesigned fully, added automatic upgrades and installing plugins, from within the administration interface.WordPress_cell_2_12_3
Old version, no longer maintained: 2.8WordPress_header_cell_2_13_0 BakerWordPress_cell_2_13_1 June 10, 2009WordPress_cell_2_13_2 Added improvements in speed, automatic installing of themes from within administration interface, introduces the CodePress editor for syntax highlighting and a redesigned widget interface.WordPress_cell_2_13_3
Old version, no longer maintained: 2.9WordPress_header_cell_2_14_0 CarmenWordPress_cell_2_14_1 December 19, 2009WordPress_cell_2_14_2 Added global undo, built-in image editor, batch plugin updating, and many less visible tweaks.WordPress_cell_2_14_3
Old version, no longer maintained: 3.0WordPress_header_cell_2_16_0 TheloniousWordPress_cell_2_16_1 June 17, 2010WordPress_cell_2_16_2 Added a new theme APIs, merge WordPress and WordPress MU, creating the new multi-site functionality, new default theme "Twenty Ten" and a refreshed, lighter admin UI.WordPress_cell_2_16_3
Old version, no longer maintained: 3.1WordPress_header_cell_2_17_0 ReinhardtWordPress_cell_2_17_1 February 23, 2011WordPress_cell_2_17_2 Added the Admin Bar, which is displayed on all blog pages when an admin is logged in, and Post Format, best explained as a Tumblr like micro-blogging feature. It provides easy access to many critical functions, such as comments and updates. Includes internal linking abilities, a newly streamlined writing interface, and many other changes.WordPress_cell_2_17_3
Old version, no longer maintained: 3.2WordPress_header_cell_2_18_0 GershwinWordPress_cell_2_18_1 July 4, 2011WordPress_cell_2_18_2 Focused on making WordPress faster and lighter. Released only four months after version 3.1, reflecting the growing speed of development in the WordPress community.WordPress_cell_2_18_3
Old version, no longer maintained: 3.3WordPress_header_cell_2_19_0 SonnyWordPress_cell_2_19_1 December 12, 2011WordPress_cell_2_19_2 Focused on making WordPress friendlier for beginners and tablet computer users.WordPress_cell_2_19_3
Old version, no longer maintained: 3.4WordPress_header_cell_2_20_0 GreenWordPress_cell_2_20_1 June 13, 2012WordPress_cell_2_20_2 Focused on improvements to theme customization, Twitter integration and several minor changes.WordPress_cell_2_20_3
Old version, no longer maintained: 3.5WordPress_header_cell_2_21_0 ElvinWordPress_cell_2_21_1 December 11, 2012WordPress_cell_2_21_2 Support for the Retina Display, color picker, new default theme "Twenty Twelve", improved image workflow.WordPress_cell_2_21_3
Old version, no longer maintained: 3.6WordPress_header_cell_2_22_0 OscarWordPress_cell_2_22_1 August 1, 2013WordPress_cell_2_22_2 New default theme "Twenty Thirteen", admin enhancements, post formats UI update, menus UI improvements, new revision system, autosave and post locking.WordPress_cell_2_22_3
Older version, yet still maintained: 3.7WordPress_header_cell_2_23_0 BasieWordPress_cell_2_23_1 October 24, 2013WordPress_cell_2_23_2 Automatically apply maintenance and security updates in the background, stronger password recommendations, support for automatically installing the right language files and keeping them up to date.WordPress_cell_2_23_3
Older version, yet still maintained: 3.8WordPress_header_cell_2_24_0 ParkerWordPress_cell_2_24_1 December 12, 2013WordPress_cell_2_24_2 Improved admin interface, responsive design for mobile devices, new typography using Open Sans, admin color schemes, redesigned theme management interface, simplified main dashboard, "Twenty Fourteen" magazine style default theme, second release using "Plugin-first development process".WordPress_cell_2_24_3
Older version, yet still maintained: 3.9WordPress_header_cell_2_25_0 SmithWordPress_cell_2_25_1 April 16, 2014WordPress_cell_2_25_2 Improvements to editor for media, live widget and header previews, new theme browser.WordPress_cell_2_25_3
Older version, yet still maintained: 4.0WordPress_header_cell_2_27_0 BennyWordPress_cell_2_27_1 September 4, 2014WordPress_cell_2_27_2 Improved media management, embeds, writing interface, easy language change, theme customizer, plugin discovery and compatibility with PHP 5.5 and MySQL 5.6.WordPress_cell_2_27_3
Older version, yet still maintained: 4.1WordPress_header_cell_2_28_0 DinahWordPress_cell_2_28_1 December 18, 2014WordPress_cell_2_28_2 Twenty Fifteen as the new default theme, distraction-free writing, easy language switch, Vine embeds and plugin recommendations.WordPress_cell_2_28_3
Older version, yet still maintained: 4.2WordPress_header_cell_2_29_0 PowellWordPress_cell_2_29_1 April 23, 2015WordPress_cell_2_29_2 New "Press This" features, improved characters support, emoji support, improved customizer, new embeds and updated plugin system.WordPress_cell_2_29_3
Older version, yet still maintained: 4.3WordPress_header_cell_2_30_0 BillieWordPress_cell_2_30_1 August 18, 2015WordPress_cell_2_30_2 Focus on mobile experience, better passwords and improved customizer.WordPress_cell_2_30_3
Older version, yet still maintained: 4.4WordPress_header_cell_2_31_0 CliffordWordPress_cell_2_31_1 December 8, 2015WordPress_cell_2_31_2 Introduction of "Twenty Sixteen" theme, and improved responsive images and embeds.WordPress_cell_2_31_3
Older version, yet still maintained: 4.5WordPress_header_cell_2_32_0 ColemanWordPress_cell_2_32_1 April 12, 2016WordPress_cell_2_32_2 Added inline linking, formatting shortcuts, live responsive previews, and other updates under the hood.WordPress_cell_2_32_3
Older version, yet still maintained: 4.6WordPress_header_cell_2_33_0 PepperWordPress_cell_2_33_1 August 16, 2016WordPress_cell_2_33_2 Added streamlined updates, native fonts, editor improvements with inline link checker and content recovery, and other updates under the hood.WordPress_cell_2_33_3
Older version, yet still maintained: 4.7WordPress_header_cell_2_34_0 VaughanWordPress_cell_2_34_1 December 6, 2016WordPress_cell_2_34_2 Comes with new default theme "Twenty Seventeen", Video Header Support, PDF preview, custom CSS in live preview, editor Improvements, and other updates under the hood.WordPress_cell_2_34_3
Older version, yet still maintained: 4.8WordPress_header_cell_2_35_0 EvansWordPress_cell_2_35_1 June 8, 2017WordPress_cell_2_35_2 The next-generation editor. Additional specific goals include the TinyMCE inline element / link boundaries, new media widgets, WYSIWYG in text widget. End Support for Internet Explorer Versions 8, 9, and 10.WordPress_cell_2_35_3
Older version, yet still maintained: 4.9WordPress_header_cell_2_36_0 TiptonWordPress_cell_2_36_1 November 16, 2017WordPress_cell_2_36_2 Improved theme customizer experience, including scheduling, frontend preview links, autosave revisions, theme browsing, improved menu functions, and syntax highlighting. Added new gallery widget and updated text and video widgets. Theme editor gives warnings and rollbacks when saving files that produce fatal errors.WordPress_cell_2_36_3
Older version, yet still maintained: 5.0WordPress_header_cell_2_38_0 BeboWordPress_cell_2_38_1 December 6, 2018WordPress_cell_2_38_2 New block based editor Gutenberg with new default theme "Twenty Nineteen".WordPress_cell_2_38_3
Older version, yet still maintained: 5.1WordPress_header_cell_2_39_0 BettyWordPress_cell_2_39_1 February 21, 2019WordPress_cell_2_39_2 PHP version upgrade notices, and block editor improvements.WordPress_cell_2_39_3
Older version, yet still maintained: 5.2WordPress_header_cell_2_40_0 JacoWordPress_cell_2_40_1 May 7, 2019WordPress_cell_2_40_2 Include Site Health Check, PHP error protection, the all new block directory, and update package signing.WordPress_cell_2_40_3
Older version, yet still maintained: 5.3WordPress_header_cell_2_41_0 KirkWordPress_cell_2_41_1 November 12, 2019WordPress_cell_2_41_2 Polish current user interactions and make user interfaces more user friendly. New default theme "Twenty Twenty", designed by Anders Norén.WordPress_cell_2_41_3
Older version, yet still maintained: 5.4WordPress_header_cell_2_42_0 AdderleyWordPress_cell_2_42_1 March 31, 2020WordPress_cell_2_42_2 Social Icons and Buttons blocks added, blocks customization and user interface improved, added features for personal data exports, custom fields for menu items, blocks improvements for developers.WordPress_cell_2_42_3
Current stable version: 5.5WordPress_header_cell_2_43_0 EckstineWordPress_cell_2_43_1 August 11, 2020WordPress_cell_2_43_2 Added lazy-loading images, XML sitemaps by default, auto-updates to plugins and themes, and improvements to the block editor.WordPress_cell_2_43_3
WordPress_header_cell_2_44_0 WordPress_cell_2_44_1 WordPress_cell_2_44_2 WordPress_cell_2_44_3
5.6WordPress_header_cell_2_45_0 SimoneWordPress_cell_2_45_1 December 8, 2020WordPress_cell_2_45_2 Better video captioning added, Twenty Twenty-one theme added.WordPress_cell_2_45_3

WordPress 5.0 "Bebo" WordPress_section_10

The December 2018 release of WordPress 5.0, "Bebo", is named in homage to the pioneering Cuban jazz musician Bebo Valdés. WordPress_sentence_57

It included a new default editor "Gutenberg" – a block-based editor; it allows users to modify their displayed content in a much more user friendly way than prior iterations. WordPress_sentence_58

Blocks are abstract units of markup that, composed together, form the content or layout of a web page. WordPress_sentence_59

Past content that was created on WordPress pages is listed under what is referred to as a Classic Block. WordPress_sentence_60

Prior to Gutenberg, there were several block-based editors available as WordPress plugins, e.g. Elementor, and following the release of Gutenberg it was compared to existing plugins. WordPress_sentence_61

Classic Editor plugin WordPress_section_11

The Classic Editor Plugin was created as result of User preferences and as a way to help website developers to maintain past plugins only compatible with WordPress 4.9.8 giving plugin developers time to get their plugins updated & compatible with the 5.0 release. WordPress_sentence_62

Having the Classic Editor plugin installed restores the "classic" editing experience that WordPress has had up until the WordPress 5.0 release. WordPress_sentence_63

The Classic Editor Plugin will be supported at least until 2022. WordPress_sentence_64

The Classic Editor plugin is active on over 5,000,000 installations of WordPress. WordPress_sentence_65

Vulnerabilities WordPress_section_12

Many security issues have been uncovered in the software, particularly in 2007, 2008, and 2015. WordPress_sentence_66

According to Secunia, WordPress in April 2009 had seven unpatched security advisories (out of 32 total), with a maximum rating of "Less Critical". WordPress_sentence_67

Secunia maintains an up-to-date list of WordPress vulnerabilities. WordPress_sentence_68

In January 2007, many high-profile search engine optimization (SEO) blogs, as well as many low-profile commercial blogs featuring AdSense, were targeted and attacked with a WordPress exploit. WordPress_sentence_69

A separate vulnerability on one of the project site's web servers allowed an attacker to introduce exploitable code in the form of a back door to some downloads of WordPress 2.1.1. WordPress_sentence_70

The 2.1.2 release addressed this issue; an advisory released at the time advised all users to upgrade immediately. WordPress_sentence_71

In May 2007, a study revealed that 98% of WordPress blogs being run were exploitable because they were running outdated and unsupported versions of the software. WordPress_sentence_72

In part to mitigate this problem, WordPress made updating the software a much easier, "one click" automated process in version 2.7 (released in December 2008). WordPress_sentence_73

However, the filesystem security settings required to enable the update process can be an additional risk. WordPress_sentence_74

In a June 2007 interview, Stefan Esser, the founder of the PHP Security Response Team, spoke critically of WordPress' security track record, citing problems with the application's architecture that made it unnecessarily difficult to write code that is secure from SQL injection vulnerabilities, as well as some other problems. WordPress_sentence_75

In June 2013, it was found that some of the 50 most downloaded WordPress plugins were vulnerable to common Web attacks such as SQL injection and XSS. WordPress_sentence_76

A separate inspection of the top-10 e-commerce plugins showed that seven of them were vulnerable. WordPress_sentence_77

In an effort to promote better security, and to streamline the update experience overall, automatic background updates were introduced in WordPress 3.7. WordPress_sentence_78

Individual installations of WordPress can be protected with security plugins that prevent user enumeration, hide resources and thwart probes. WordPress_sentence_79

Users can also protect their WordPress installations by taking steps such as keeping all WordPress installation, themes, and plugins updated, using only trusted themes and plugins, editing the site's .htaccess configuration file if supported by the web server to prevent many types of SQL injection attacks and block unauthorized access to sensitive files. WordPress_sentence_80

It is especially important to keep WordPress plugins updated because would-be hackers can easily list all the plugins a site uses, and then run scans searching for any vulnerabilities against those plugins. WordPress_sentence_81

If vulnerabilities are found, they may be exploited to allow hackers to, for example, upload their own files (such as a web shell) that collect sensitive information. WordPress_sentence_82

Developers can also use tools to analyze potential vulnerabilities, including WPScan, WordPress Auditor and WordPress Sploit Framework developed by 0pc0deFR. WordPress_sentence_83

These types of tools research known vulnerabilities, such as a CSRF, , , XSS, SQL injection and user enumeration. WordPress_sentence_84

However, not all vulnerabilities can be detected by tools, so it is advisable to check the code of plugins, themes and other add-ins from other developers. WordPress_sentence_85

In March 2015, it was reported by many security experts and SEOs, including Search Engine Land, that a SEO plugin for WordPress called Yoast which is used by more than 14 million users worldwide has a vulnerability which can lead to an exploit where hackers can do a Blind SQL injection. WordPress_sentence_86

To fix that issue they immediately introduced a newer version 1.7.4 of the same plugin to avoid any disturbance on web because of the security lapse that the plugin had. WordPress_sentence_87

In January 2017, security auditors at Sucuri identified a vulnerability in the WordPress REST API that would allow any unauthenticated user to modify any post or page within a site running WordPress 4.7 or greater. WordPress_sentence_88

The auditors quietly notified WordPress developers, and within six days WordPress released a high priority patch to version 4.7.2 which addressed the problem. WordPress_sentence_89

As of WordPress 5.2, the minimum PHP version requirement is PHP 5.6, which was released on August 28, 2014, and which has been unsupported by the PHP Group and not received any security patches since December 31, 2018. WordPress_sentence_90

Thus, WordPress recommends using PHP version 7.3 or greater. WordPress_sentence_91

In the absence of specific alterations to their default formatting code, WordPress-based websites use the canvas element to detect whether the browser is able to correctly render emoji. WordPress_sentence_92

Because Tor Browser does not currently discriminate between this legitimate use of the Canvas API and an effort to perform canvas fingerprinting, it warns that the website is attempting to 'extract HTML5 canvas image data'. WordPress_sentence_93

Ongoing efforts seek workarounds to reassure privacy advocates while retaining the ability to check for proper emoji rendering capability. WordPress_sentence_94

Development and support WordPress_section_13

Key developers WordPress_section_14

Matt Mullenweg and Mike Little were co-founders of the project. WordPress_sentence_95

The core lead developers include Helen Hou-Sandí, Dion Hulse, Mark Jaquith, Matt Mullenweg, Andrew Ozz, and Andrew Nacin. WordPress_sentence_96

WordPress is also developed by its community, including WP testers, a group of volunteers who test each release. WordPress_sentence_97

They have early access to nightly builds, beta versions and release candidates. WordPress_sentence_98

Errors are documented in a special mailing list or the project's Trac tool. WordPress_sentence_99

Though largely developed by the community surrounding it, WordPress is closely associated with Automattic, the company founded by Matt Mullenweg. WordPress_sentence_100

On September 9, 2010, Automattic handed the WordPress trademark to the newly created WordPress Foundation, which is an umbrella organization supporting WordPress.org (including the software and archives for plugins and themes), bbPress and BuddyPress. WordPress_sentence_101

WordCamp developer and user conferences WordPress_section_15

WordCamps are casual, locally organized conferences covering everything related to WordPress. WordPress_sentence_102

The first such event was WordCamp 2006 in August 2006 in San Francisco, which lasted one day and had over 500 attendees. WordPress_sentence_103

The first WordCamp outside San Francisco was held in Beijing in September 2007. WordPress_sentence_104

Since then, there have been over 1,022 WordCamps in over 75 cities in 65 different countries around the world. WordPress_sentence_105

WordCamp San Francisco 2014 was the last official annual conference of WordPress developers and users taking place in San Francisco, having now been replaced with WordCamp US. WordPress_sentence_106

First ran in 2013 as WordCamp Europe, regional WordCamps in other geographical regions are held with the aim of connecting people who aren't already active in their local communities and inspire attendees to start user communities in their hometowns. WordPress_sentence_107

In 2019, the Nordic region had its own WordCamp Nordic. WordPress_sentence_108

The first WordCamp Asia was to be held in 2020, but cancelled due to the COVID-19 pandemic. WordPress_sentence_109

Support WordPress_section_16

WordPress' primary support website is WordPress.org. WordPress_sentence_110

This support website hosts both WordPress Codex, the online manual for WordPress and a living repository for WordPress information and documentation, and WordPress Forums, an active online community of WordPress users. WordPress_sentence_111

See also WordPress_section_17


Credits to the contents of this page go to the authors of the corresponding Wikipedia page: en.wikipedia.org/wiki/WordPress.