
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
@nextwp/core
Advanced tools
Welcome to the new era of Headless WordPress development.
Quickstart | Explore packages | Documentation
NextWP is a library built on the WP REST API and Next.js App Router that streamlines the process of building super fast Headless WordPress sites with Next.js. It provides a set of tools and utilities to help you build interactive, dynamic, and performant sites with WordPress and Next.js.
Why does NextWP use the WP REST API?
The easiest way to get started is to install NextWP Headless Theme in your WordPress site. This will install the required plugins and offer optional recommended plugins to improve the headless WP experience.
Ensure you have the following WordPress plugins installed:
One click deploy a new project to Vercel:
Or, you can get up and running by using the cli tool create-nextwp-app
:
npx create-nextwp-app
If you want to add to an existing project, you can install the @nextwp/core
package:
Install @nextwp/core
in your Next.js project:
npm install @nextwp/core
Here is a basic example of how to use @nextwp/core
in your existing Next.js project:
// src/app/[[...paths]]/page.tsx
import { WordpressTemplate } from "@nextwp/core";
import templates from "@/templates";
export default function PageTemplate(props) {
return (
<WordpressTemplate
params={props.params}
searchParams={props.searchParams}
templates={templates}
/>
);
}
export { generateMetadata, generateStaticParams } from "@nextwp/core";
Read the NextWP docs for more information on how to use @nextwp/core
.
The following environment variables are required for configuring @nextwp/core
:
NEXT_PUBLIC_WP_URL
: The URL of your WordPress site.NEXT_SITE_URL
: The URL of your Next.js site.REVALIDATE_SECRET_KEY
: A secret key used for revalidation.WP_APPLICATION_PASSWORD
: The application password for authenticating with WordPress.NEXT_PREVIEW_SECRET
: The secret key for preview mode.Make sure to set these environment variables in your project's configuration.
Read more about environment variables.
FAQs
Unknown package
The npm package @nextwp/core receives a total of 0 weekly downloads. As such, @nextwp/core popularity was classified as not popular.
We found that @nextwp/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.