A WordPress publication · Launched May 2026
WordPress, without the developer-speak.
A smart, opinionated publication about what's actually happening in WordPress, written for WordPress site owners and for the developers and consultants who advise them.
This week's roundup
Read in full Issue 05 / Weekend Within · June 12, 2026
Issue 5: Security got stricter
WordPress slowed plugin auto-updates, UpdraftPlus fixed a serious bug, and 7.1 looks more stable.
Inside this issue
01
Security Auto-updates now wait, and one major plugin needs attention.
02
WordPress 7.1 WordPress pulled back a risky change and widened email support.
Recently
All articlesJune 12, 2026
Issue 5: Security got stricter
WordPress slowed plugin auto-updates, UpdraftPlus fixed a serious bug, and 7.1 looks more stable.
Weekend Within roundup
4 min
June 11, 2026
UpdraftPlus fixed a critical site takeover bug
If you use UpdraftPlus and connected it to UpdraftCentral, update now to close a critical admin takeover risk.
Security
2 min
June 05, 2026
Issue 04: Patch now, watch 7.1
Three urgent plugin updates, plus two WordPress 7.1 changes worth watching.
Weekend Within roundup
4 min
June 04, 2026
Update Everest Forms Pro now, attackers are exploiting a critical bug
Attackers are exploiting a critical Everest Forms Pro bug that can let them take over unpatched WordPress sites.
Security
2 min
June 03, 2026
Update Burst Statistics now, attackers are already using a site takeover flaw
Burst Statistics users should update to 3.4.2 now. Attackers are already exploiting a critical flaw that can take over a site.
Security
2 min
June 02, 2026
Update Kirki now to stop an account takeover flaw
A Kirki plugin flaw could let attackers take over WordPress accounts, including admins. Update the plugin now.
Security
2 min