Melapress
We develop outstanding plugins that help website administrators and owners. https://melapress.com/
Specialized management & security WordPress plugins
We develop outstanding plugins that help website administrators and owners boost their WordPress management and security.
17/06/2026
Who connected an AI model to your WordPress website?
With WordPress 7.0 introducing AI Connectors, websites can now connect directly to services such as ChatGPT, Claude, Gemini, and others.
As with any integration, it's important to know who made changes, when they were made, and what exactly changed. That's why the latest WP Activity Log update now includes AI Connector monitoring.
The plugin now logs:
โ
AI model plugin installations
โ
AI model connections
โ
AI model disconnections
โ
Changes to AI Connector configurations
Whether you're managing a single site or multiple websites, having visibility into AI-related activity helps with both security and accountability.
๐Download the latest version of WP Activity Log:
https://wordpress.org/plugins/wp-security-audit-log/
16/06/2026
In the next live episode of the Melapress Show, Robert is joined by Adam Zieliลski, WordPress Core Committer and the architect behind WordPress Playground, to explore what Playground actually is, why it was built, and how it's already changing the way people learn, test, and contribute to WordPress.
They'll cover how agencies are using Playground for plugin evaluation and client onboarding, how educators are using it to teach WordPress without the setup headaches, and what's next for the project, including AI experimentation and use cases the team never anticipated.
Guest: Adam Zieliลski, WordPress Core Committer & Playground Architect
Hosted by the Melapress Show, expert conversations on WordPress, security, and open-source business realities with Robert Abela.
WordPress Playground Deep Dive: Easier Learning, Testing & Contribution| Adam Zielinski (Automattic) In this live episode of the Melapress Show, Robert is joined by Ada...
In this clip from our podcast, Jonathan Bossenger, Developer Advocate at Automattic, describes how chaining abilities together can create resilient, automated workflows across an entire WordPress site.
A single "run site update" ability can call separate abilities for plugins, themes, and health checks, and stop midway if something goes wrong.
๐ Full podcast: https://www.youtube.com/live/842K7xSD1TA
In this clip from our podcast, Jonathan Bossenger, Developer Advocate at Automattic, explains why WordPress stores API keys without encryption and what site owners can do about it today.
Moving keys to wp-config.php keeps them out of the database, and placing wp-config outside the public web root adds another layer of protection. The broader Connectors page is now sparking a community discussion about key storage for all external services, not just AI. A proper solution may not be far off.
๐ Full podcast: https://www.youtube.com/live/842K7xSD1TA
In this clip from our podcast, Jonathan Bossenger, Developer Advocate at Automattic, breaks down why the Abilities API could change how WordPress handles automation and integrations.
Instead of building separate connectors for each tool, the Abilities API uses a single shared format across AI, automation platforms, and REST endpoints. A forms plugin, for example, can register an ability that works with AI, fires via REST, and connects to Zapier, all from the same setup. One standard, every integration.
๐ Full podcast: https://www.youtube.com/live/842K7xSD1TA
In this episode of the Melapress Show, Robert Abela sits down with Austin Ginder, Founder of Anchor Host and WP Beacon, to discuss how plugin supply chain attacks work, the attack patterns he uncovered while managing more than 3,000 WordPress sites, and how AI-assisted investigation is changing security research.
We'll cover:
- Expired domains that can become part of plugin takeover attempts
- Redirected update infrastructure and compromised update channels
- Version number manipulation techniques designed to keep users on compromised releases
- How AI speeds up the process of reconstructing attack timelines and identifying suspicious changes
- WP Beacon and WP Registry, two projects aimed at improving transparency around plugin integrity
Whether you're a developer, hosting provider, agency, or security professional, this episode provides a practical look at one of the most important emerging risks in the WordPress ecosystem.
11/06/2026
A WordPress developer managing more than 3,000 sites began investigating a spike in compromises and uncovered multiple examples of plugin supply chain attacks.
In this episode, Austin Ginder joins Robert Abela to explain how these attacks work, the patterns he investigated, and how AI speeds up the reconstruction of attack timelines and the identification of suspicious activity.
๐ We'll discuss:
โซ๏ธ How supply chain attacks exploit trusted plugin update mechanisms
โซ๏ธ Expired domains, redirected update infrastructure, and version number manipulation
โซ๏ธ How Claude Code speeds up security investigations and timeline reconstruction
โซ๏ธ WP Beacon and its approach to identifying supply chain indicators
โซ๏ธ WP Registry and the idea of community-driven plugin verification
โซ๏ธ What WordPress can realistically do about abandoned plugins
๐ฏ Ideal for WordPress developers, hosting providers, agencies, and anyone responsible for plugin security and update management.
Join the premiere in 1 hour ๐
https://facebook.com/events/s/how-wordpress-plugin-supply-ch/1561411105704897/
10/06/2026
At , many attendees stopped by our booth, shared their thoughts on WordPress security, and entered our raffle ๐
We gave away an ASUS ZenScreen portable monitor. The good news? Our WordPress Security Survey is still open ๐
Complete the survey for a chance to win one of 3 prizes while helping us better understand the real security challenges you face.
๐ Take the survey here: https://melapress.com/survey/
In this clip from our podcast, Jonathan Bossenger, Developer Advocate at Automattic, shares the practical steps to getting a WordPress idea heard by the right people.
Start in WordPress Slack, but don't just drop the idea and walk away. If there's no response, follow up, then tag relevant team reps directly. Building relationships with individual team members makes a real difference. People who know you are far more likely to engage, point you to the right place, or help move things forward.
๐ Full podcast: https://www.youtube.com/live/842K7xSD1TA
08/06/2026
Thank you, ! ๐
What an incredible few days in Krakow ๐ต๐ฑ
We had a great time meeting customers, partners, contributors, and so many members of the WordPress community over the last few days.
Events like WordCamp Europe are always a great reminder of how strong and welcoming the WordPress community is.
A big thank you as well to the organizers, volunteers, speakers, and everyone involved in making the event happen.
Weโve put together a few moments from the event below. ๐ธ
See you next time! ๐
Klik hier om uitgelicht te worden.