Automatically updated WordPress Composer package
-
Updated
Jul 17, 2026
Automatically updated WordPress Composer package
A Composer custom installer to handle installing WordPress as a dependency
Automatically updated WordPress composer package (full version, with wp-content and themes)
Automatically updated WordPress composer package (version without wp-content)
Composer repository for WordPress core
wp2shell — Pre-authentication RCE in WordPress Core (CVE-2026-60137 + CVE-2026-63030). Chains an SQL injection in author__not_in with batch-route confusion for unauthenticated remote code execution on WP 6.9.0–6.9.4 / 7.0.0–7.0.1.
Composer-compatible package repository for WordPress core distributions for StarterKit project.
Automatically updated WordPress-full Composer package
Must-Use WordPress plugin to completely lock core updates in managed and production environments.
Automatically updated WordPress-no-content Composer package
Generates itinerisltd/wordpress composer package
Automatically updated WordPress-new-bundled Composer package
A Step-by-Step Guide on How to Become a WordPress Core Contributor:
Add a description, image, and links to the wordpress-core topic page so that developers can more easily learn about it.
To associate your repository with the wordpress-core topic, visit your repo's landing page and select "manage topics."