Track: Track 2
-
Sovereign university AI tutors powered by WordPress
Can universities own their AI future? Discover how Karlstad University uses WordPress Multisite to create customized, pedagogically aligned AI tutors. By combining the power of WordPress with Open Educational Resources (OERs), this project avoids vendor lock-in and ensures institutional control over data and model behavior. Learn how the same open-source tools we use for blogging…
-
Panel: rethinking learning in WordPress
WordPress is currently preparing several changes around learning and contributor onboarding. In this conversation, Mary Hubbard (Executive Director of WordPress), Benjamin Zekavica (Core Team Rep), Rade Jekic (Training Team Rep), Natalia Basiura, and Klaus Harris discuss the programs currently in progress. This includes new contributor pathways, simpler onboarding steps, and the first university partnerships to…
-
The hidden DDoS threat in WordPress: abusing the search endpoint
Discover how attackers weaponize WordPress native search endpoint for devastating DDoS attacks, while learning practical defense strategies from a cybersecurity perspective. This talk reveals a hidden vulnerability in standard WordPress installations and provides easy solutions.
-
Headless WordPress API security in 10 minutes
Learn the five steps to design secure headless WordPress architectures. This talk focuses on API-first security, attack surface reduction, and practical decisions when exposing WordPress APIs to mobile apps and PWAs.
-
WordPress for scientists: building engineering websites at CERN
How do you scale WordPress across multiple teams without losing consistency or control? This talk shares lessons from building and maintaining eight WordPress websites for a large scientific organisation, focusing on workflow, governance and long-term sustainability.
-
Improving the performance of the WordPress Query classes
The WordPress Performance team was established in 2021 with the goal of improving the performance of WordPress Core. As a fundamental part of rendering each and every page of a WordPress site, the `WP_Query` class has received a lot of attention. In this talk, Peter will discuss how the performance of `WP_Query` and the WordPress…
-
Panel: inside WordPress 7.0
WordPress 7.0 is not yet another WordPress release. It might be the most significant release in a while. It comes with features we couldn’t even imagine a couple of years ago. It’s changing how we use WordPress and how we develop on top of and with WordPress. It’s changing everything. Join a group of contributors…
-
Testing the promise: does secure hosting deliver?
“Secure hosting” is everywhere in WordPress, but what does it actually protect against? We put this claim to the test with real penetration testing: 30 known vulnerabilities, multiple hosting providers, standardized methodology validated by independent observers. The findings reveal a critical gap between marketing and reality. WordPress-specific attacks succeed most of the time. This talk…
-
Coordinating the fight: cross-industry collaboration
WordPress hosting threats cross company lines—when one provider falls victim, the entire ecosystem suffers. This session explores how the Internet Infrastructure Forum (IIF) enables hosting providers, registrars, and registries to coordinate abuse response through real-time intelligence sharing. Learn how operational collaboration helps responsible operators detect and stop attacks faster than adversaries can adapt, and why…