Introducing EmDash — the spiritual successor to WordPress that solves plugin security

The emergence of EmDash, a proposed successor to WordPress, signifies a modern shift in content management systems by addressing longstanding security vulnerabilities inherent in WordPress plugins. While WordPress has been a monumental success in democratizing publishing and continues to hold a significant place in the digital landscape, its plugin architecture remains fundamentally insecure, with 96% of its security issues originating from plugins that have unrestricted access to databases and files. EmDash, built from scratch using TypeScript and leveraging Astro for speed, introduces a serverless, open-source platform with sandboxed plugins running in isolated environments, significantly enhancing security by allowing plugins only the capabilities they explicitly declare in their manifest. This model provides a clear permission structure similar to OAuth, thus preventing unauthorized access and malicious activities. EmDash aims to build upon the legacy of WordPress by offering a more secure, flexible, and modern solution that can be deployed on various platforms, allowing developers to innovate with fewer restrictions while maintaining the open-source spirit.