The program, AI Leaders, is a workforce-oriented credential rooted in WordPress and open source contributions. Students are paid for their time, work on real WordPress projects, and gain hands-on experience applying AI in ways that are directly relevant to the WordPress ecosystem. This pilot represents a meaningful step forward in how the project supports learning, contribution, and career pathways.

Beginning in March 2026, AI Leaders launches its first cohort of 80 students from Illinois and Louisiana, with University of Illinois Chicago (UIC) students given priority to apply before enrollment expands to the public. Enrollees begin with an orientation covering generative AI tools and AI literacy. From there, 40 participants are selected for the full course experience. Ultimately, the program leads to the AI Leader WordPress Micro-Credential and an opportunity to pursue living-wage job pathways. Learners who complete the course also earn $1,000 (USD).

This pilot is the result of collaboration across several organizations, each playing a distinct role. The program is funded through the UIC Tech Solutions Open Source Fund, with support from the University of Illinois Chicago and Automattic. That funding supports program delivery, participant compensation, and the institutional infrastructure needed to run the pilot. Alongside that funding, the WordPress project and the WordPress Foundation will contribute to the development of the credential itself. This includes shaping the curriculum, grounding the work in real WordPress AI use cases, and ensuring alignment with open source values and public benefit.

This is the first WordPress Foundation-backed micro-credential, and it is intentionally being run as a pilot. We are exploring how the Foundation could support additional credentials over time, across different skill areas and partners, while maintaining clear governance, openness, and alignment with the WordPress project. It represents a step toward a future where WordPress contributors can more easily translate their skills into credentials, careers, and long-term opportunities.

WordPress offers a wide range of educational opportunities for people at every stage, from first steps to advanced contribution. Explore workshops, lesson plans, and community-created resources designed to help you build practical skills while connecting with others who are learning and contributing at WordPress.org/education/.

With hands-on initiatives and supportive communities, participants can grow new skills and take their first steps as contributors. Across campuses and communities worldwide, learners publish real projects, build practical experience, and gain confidence as part of open source creation.

A clearer path into the WordPress ecosystem

WordPress Education is designed to help students turn knowledge into practice, discover their strengths, and understand how their contributions can make a real impact through three core programs: WordPress Campus Connect, WordPress Credits, and WordPress Student Clubs.

Through hands-on campus events, such as WordPress Campus Connect, on-campus groups like WordPress Student Clubs, and a practice-based program called WordPress Credits, participants can gain practical experience, publish real-world projects, and build confidence as contributors to a global culture of open-source creation.

At its heart, these WordPress education programs are about three simple ideas:

Learn. Build. Connect.

This update brings WordPress education programs together in one place, with an easy way to explore initiatives, understand how they work, and take the next step.

You will find:

• A home for WordPress Education programs and updates
• Clear “how to get involved” paths for students, educators, mentors, organizers, and sponsors
• Stories, highlights, and examples of real projects created through the programs
• Links to the Education Handbook for program guidelines and resources

Support This Growing Movement

Help spread the word, and let friends, students, and others know how they can contribute to this growing effort, including a widely expanding translation effort. WordPress Education has already been translated into 10 new languages. WordPress Education is powered by people who believe in open learning and the power of collaboration.

These versions were first released nine or more years ago and over 99% of WordPress installations run a more recent version. The chances this will affect your site, or sites, is very small.

If you are unsure if you are running an up-to-date version of WordPress, please log in to your site’s dashboard. Out of date versions will display a notice that looks like this:

The version you are running is displayed in the bottom of the “At a Glance” section of the dashboard.

As a reminder, the only actively supported version of WordPress is the most recent one. Security updates are only backported to older branches as a courtesy.

The Make WordPress Security blog has further details about the process to end support.

In nearly 1,000 days, the WordPress community has created 1,000 Block themes—coming together to use the full potential of the Site Editor and unleash new creative possibilities for everyone.

First introduced in WordPress 5.9, Block themes have steadily evolved, improving flexibility and functionality for themers, users, and agencies alike. Now, design tools allow customizing almost every detail. With style variations, users can change the overall look of their site in a few clicks. You can even use curation options to customize the editing process itself. But we’re not done! We can’t wait to keep pushing Block themes even further. Thank you to every early adopter who, by embracing early features with passion, helped shape the Block themes we love today with feedback and testing.

If you haven’t yet explored Block themes, check out some of the resources below to get inspired:

• Use one of the 1,000 Block themes available and see what you can create. For an easy way to explore, try WordPress Playground to quickly get started with a temporary site. 
• Read the Theme handbook to understand types of themes, how themes work, and how to get started building. 
• Use the Create Block Theme plugin to streamline Block theme creation with a dedicated tutorial on Learn WordPress that will help you get started.  
• Get inspired by watching and joining community members building themes together. This is a great way for folks new to Block themes to learn, hands-on. 

Let’s celebrate and share our contributions! Please comment on the Theme Team’s post dedicated to highlighting this milestone to share your favorite Block theme and thank those who have contributed along the way. 

Thank you to @kristastevens for editorial help, @beafialho for the featured image, and @kafleg for reviewing.

On WP Engine’s homepage, they promise “Unmatched performance, automated updates, and bulletproof security ensure your sites thrive.”

WP Engine was well aware that we could remove access when they chose to ignore our efforts to resolve our differences and enter into a commercial licensing agreement. Heather Brunner, Lee Wittlinger, and their Board chose to take this risk. WPE was also aware that they were placing this risk directly on WPE customers. You could assume that WPE has a workaround ready, or they were simply reckless in supporting their customers. Silver Lake and WP Engine put their customers at risk, not me.

We have lifted the blocks of their servers from accessing ours, until October 1, UTC 00:00. Hopefully this helps them spin up their mirrors of all of WordPress.org’s resources that they were using for free while not paying, and making legal threats against us.

WP Engine needs a trademark license, they don’t have one. I won’t bore you with the story of how WP Engine broke thousands of customer sites yesterday in their haphazard attempt to block our attempts to inform the wider WordPress community regarding their disabling and locking down a WordPress core feature in order to extract profit.

What I will tell you is that, pending their legal claims and litigation against WordPress.org, WP Engine no longer has free access to WordPress.org’s resources.

WP Engine wants to control your WordPress experience, they need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase. Their servers can no longer access our servers for free.

The reason WordPress sites don’t get hacked as much anymore is we work with hosts to block vulnerabilities at the network layer, WP Engine will need to replicate that security research on their own.

Why should WordPress.org provide these services to WP Engine for free, given their attacks on us?

WP Engine is free to offer their hacked up, bastardized simulacra of WordPress’s GPL code to their customers, and they can experience WordPress as WP Engine envisions it, with them getting all of the profits and providing all of the services.

If you want to experience WordPress, use any other host in the world besides WP Engine. WP Engine is not WordPress.

How fast a web page loads, how quickly a page reacts when you click a button, or how smoothly it scrolls can all significantly impact the end-user experience. A more performant site can lead to higher reader engagement and more conversions. Thankfully, over the past few years, the WordPress project has made major performance improvements across the board for the core platform, plugins, and themes.

Many enhancements are available out of the box, with no configuration required. They improve the website frontend’s performance—the part visitors see—and various parts of the administrative experience, such as the editor.

Here’s a partial list of performance upgrades from the past year:

• WordPress 6.3 brought several enhancements to image loading. This resulted in an improvement of up to 21% in loading time for any WordPress page with a hero image.
• WordPress 6.5 launched with a more efficient translation engine. In benchmark testing, it improved WordPress response time by 23% for all localized WordPress sites. More than 55% of all WordPress sites worldwide use a language other than US English and would benefit from this enhancement.
• WordPress 6.5 also included several performance optimizations for the Block Editor, leading to 5x faster typing processing and 2x faster load times when creating or editing content in the site and post editors.

In addition to the Core enhancements listed above, the WordPress project continues to work on several efforts that indirectly benefit the ecosystem’s performance.

For instance, WordPress Core leverages automated tooling for continuously monitoring its performance, covering every product update. This helps measure new features’ performance improvements and enables contributors to detect potential performance problems during the development of a new feature or release so any issues can be proactively addressed long before end users are affected. A project is currently underway to make the same tooling used by WordPress Core developers available to plugin and theme authors as well.

Additionally, the new WordPress plugin checker allows checking any plugin for performance best practices, among other requirements and recommendations. The plugin checker should lead to more performance awareness in plugin authors and, eventually, faster plugins. If you develop plugins, consider integrating this tool into your development and testing workflow.

Last but not least, WordPress 6.5 introduced the Interactivity API, which is a technical foundation that facilitates more performant user interactions. This new infrastructure drastically simplifies the implementation of interactive website features and can even centrally control certain aspects of performance, keeping multiple independent plugins operating efficiently.

These performance updates result from a collaborative effort from all corners of the community, including the WordPress Performance Team. This team, founded in 2021, underscores the WordPress project’s commitment to performance. And the results are substantial: Compared to a year ago, 8% more WordPress sites deliver good load time performance at scale—significantly better than the overall web’s 5.5% load time improvement. The web is getting more performant, and WordPress is leading the way.

WordPress contributors are determined to continue this trend by working on further performance iterations. Whether you’re a WordPress end user, administrator, site builder, or developer, you can contribute to this effort. Anyone can test the performance features before being released in Core through individual feature plugins. Each feature can be tested via the Performance Lab plugin, so please try them! Testing features early helps the team assess their impact and collect valuable feedback.

Are you eager for more WordPress performance news and updates? Then check out the 2024 performance roadmap. Thanks to the entire community for your hard work. Not only does it ensure WordPress’ continued improvement and growth, but it benefits the entire open web.

Thank you to @annezazu @clarkeemily @tweetythierry @swissspidy @westonruter @adamsilverstein @joemcgill for content review and @provenself @dansoschin for editorial review.

The WordPress Security Team will never email you requesting that you install a plugin or theme on your site, and will never ask for an administrator username and password.

If you receive an unsolicited email claiming to be from WordPress with instructions similar to those described above, please disregard the emails and indicate that the email is a scam to your email provider.

These emails link to a phishing site that appears to be the WordPress plugin repository on a domain that is not owned by WordPress or an associated entity. Both Patchstack and Wordfence have written articles that go in to further detail.

Official emails from the WordPress project will always:

• Come from a @wordpress.org or @wordpress.net domain.
• Should also say “Signed by: wordpress.org” in the email details section.

The WordPress Security Team will only communicate with WordPress users in the following locations:

• the Making WordPress Secure blog at make.wordpress.org/security
• the main WordPress News site at wordpress.org/news

The WordPress Plugin team will never communicate directly with a plugin’s users but may email plugin support staff, owners and contributors. These emails will be sent from plugins@wordpress.org and be signed as indicated above.

The official WordPress plugin repository is located at wordpress.org/plugins with internationalized versions on subdomains, such as fr.wordpress.org/plugins, en-au.wordpress.org/plugins, etc. A subdomain may contain a hyphen, however a dot will always appear before wordpress.org.

A WordPress site’s administrators can also access the plugin repository via the plugins menu in the WordPress dashboard.

As WordPress is the most used CMS, these types of phishing scams will happen occasionally. Please be vigilant for unexpected emails asking you to install a theme, plugin or linking to a login form.

The Scamwatch website has some tips for identifying emails and text messages that are likely to be scams.

As always, if you believe that you have discovered a security vulnerability in WordPress, please follow the project’s Security policies by privately and responsibly disclosing the issue directly to the WordPress Security team through the project’s official HackerOne page.

Thank you Aaron Jorbin, Otto, Dion Hulse, Josepha Haden Chomphosy, and Jonathan Desrosiers for their collaboration on and review of this post.

This blog is the culmination of a community effort that began last year. Formed by experienced WordPress community members and developers, the editorial group has since worked on a wide range of content already available—from theme and block development tutorials to tips and tricks for leveraging WordPress in the site editing era.

A new home for developers

As a complementary resource to the WordPress documentation, the Developer Blog aims to provide a shared space to stay informed of development-related updates, keep up with ongoing discussions and ideas, and explore cutting-edge use cases.

In other words, consider it as a central hub for developers and extenders of different backgrounds and skill levels to learn with quality content from reliable sources, share knowledge, and drive WordPress development forward.

True to the open source way, the blog will likely evolve. As its editors and readers learn and create more content, it will adapt in response to the needs of community members like you.

Everyone is welcome to chime in on-topic discussions, share ideas or contribute. Learn more about how to get involved.

What about the content?

Content on the WordPress Developer Blog covers many topics, including tutorials on theme development, plugins, and block development. You can also expect posts on WordPress APIs, best practices for working with WordPress, updates on upcoming releases, and learning resources for beginners and seasoned developers.

These articles offer a good hint at what’s already in store for you:

• Demystifying home and posts templates in WordPress theme development
• Creating themes from a pattern-first mindset
• Static vs. dynamic blocks: What’s the difference?
• Creating custom block styles in WordPress themes
• What’s new for developers? (March 2023)

Sounds interesting?

Subscribe to the Developer Blog to keep up with the latest content in the WordPress development space.

Props for content and peer review @chanthaboune @rmartinezduque @mburridge @marybaum @bph @greenshady @webcommsat.

These versions of WordPress were first released eight or more years ago so the vast majority of WordPress installations run a more recent version of WordPress. The chances this will affect your site, or sites, is very small.

If you are unsure if you are running an up-to-date version of WordPress, please log in to your site’s dashboard. Out of date versions of WordPress will display a notice that looks like this:

In WordPress versions 3.8 – 4.0, the version you are running is displayed in the bottom of the “At a Glance” section of the dashboard. In WordPress 3.7 this section is titled “Right Now”.

The Make WordPress Security blog has further details about the process to end support.