WordPress Glossary: 50 Terms Every Site Owner Should Know

Content Team |
WordPress Glossary: 50 Terms Every Site Owner Should Know

If you have spent even a few minutes reading WordPress documentation, plugin descriptions, or hosting comparison pages, you have probably run into words like "slug," "CDN," "canonical URL," or "Gutenberg" and felt unsure what they actually mean for your site.

WordPress uses a specific vocabulary. Some terms come from general web development. Some are WordPress-specific. Some look technical but describe simple ideas. And a few are used loosely or interchangeably in ways that cause genuine confusion.

This glossary covers 50 essential WordPress terms, grouped by the area of your site they relate to: admin, plugins and themes, hosting, performance, SEO, and security. Each definition is written for site owners, not developers. By the end, the terminology that shows up in your WordPress admin, plugin settings, hosting control panel, and SEO reports should make more sense.

Short Answer

A WordPress glossary is a reference of common WordPress terms in plain language. The WordPress ecosystem spans several areas. Each area has its own vocabulary.

You do not need to memorize all 50 terms to run a WordPress site. But knowing what these words mean saves time when you are setting up a plugin, reading a hosting comparison, troubleshooting a speed issue, or following a security recommendation.

The 50 terms in this guide are organized into six groups:

  1. WordPress admin and core
  2. Plugins and themes
  3. Hosting and infrastructure
  4. Performance
  5. SEO
  6. Security

Use the section headings to jump to the terms most relevant to what you are doing right now.

Where These Terms Come From

WordPress terminology comes from several sources:

  • WordPress core: built-in names for features like posts, pages, slugs, revisions, and user roles.
  • The plugin and theme ecosystem: concepts like page builders, child themes, widgets, shortcodes, and freemium pricing.
  • Web hosting and infrastructure: server-side and network terms like DNS, SSL, PHP, and CDN.
  • Performance, SEO, and security fields: each with specialized vocabularies that affect WordPress sites directly.

Understanding a term in one area often unlocks the related terms in the same group. Start with the group most relevant to your current task.

Where You Will Encounter These Terms

Most of these terms show up in one of three places:

The WordPress admin panel (/wp-admin): Dashboard, Posts, Pages, Media Library, Settings, Users, and Plugins all live here.

Plugin and theme settings pages: Third-party plugins and themes introduce their own interfaces. Terms like page builder, shortcode, widget area, and child theme often appear first in documentation or settings screens.

Outside WordPress: Hosting, SSL, CDN, DNS, Core Web Vitals, and security terms appear in your hosting control panel, Google Search Console, PageSpeed Insights reports, or your security plugin dashboard.

Part 1: WordPress Admin and Core

These terms describe the features built directly into WordPress. They appear in your admin panel and post editor.

1. Dashboard

The Dashboard is the main screen you see after logging into the WordPress admin (/wp-admin). It shows a summary of site activity: recent posts, comments, at-a-glance stats, and a quick draft tool. Everything in WordPress is accessible from the sidebar of this screen. The WordPress admin dashboard guide for beginners walks through every section if you are just getting started.

2. Post

A Post is the content type in WordPress designed for timely, regularly updated entries such as blog articles, news, and announcements. Posts are displayed in reverse chronological order on your blog archive page. They can be assigned to categories and tags. Posts support comments by default, though comments can be disabled per post.

3. Page

A Page is the content type in WordPress designed for static, evergreen content: your Home page, About page, Contact page, Services page, and similar. Unlike posts, Pages are not displayed in chronological order and do not use categories or tags. Pages support parent-child hierarchy (for example, a Services page with sub-pages per service).

4. Category

A Category is the primary classification system for WordPress posts. Categories are hierarchical: a category can have sub-categories. Every post should belong to at least one category. Categories affect your URL structure if your permalink setting includes them, and they generate their own archive pages that search engines can index.

5. Tag

A Tag is a secondary, non-hierarchical classification system for WordPress posts. Tags describe specific topics within a post, such as "beginner," "performance," or "WooCommerce." Tags are optional. They generate their own archive pages and work best when used consistently across multiple posts on a narrow topic.

6. Slug

A Slug is the URL-friendly portion of a post, page, category, or tag name. It appears after your domain in the URL. For example, in https://example.com/blog/wordpress-glossary, the slug is wordpress-glossary. WordPress generates a slug automatically from the title, but you can edit it in the post editor. A good slug is short, lowercase, and readable without special characters.

7. Permalink

A Permalink is the full, permanent URL for a specific post or page on your site. WordPress offers several permalink structures under Settings > Permalinks. Most sites use the Post name structure (/%postname%/) because it produces clean URLs such as https://example.com/my-page-title. You should set your permalink structure before publishing content, as changing it later requires setting up redirects.

8. Excerpt

An Excerpt is a short summary of a post. WordPress can generate one automatically by truncating the first 55 words of the post, or you can write a custom one in the post editor. Excerpts are displayed on blog archive pages, category pages, search results pages, and in some theme layouts instead of the full post content.

9. Revision

A Revision is an automatically saved snapshot of a post or page. WordPress saves a new revision each time you click Save Draft or Update. If you make an unwanted change, you can restore a previous version from the Revisions panel inside the post editor. WordPress stores multiple revisions per post by default. On large sites with many posts, limiting the number of stored revisions can reduce database size.

10. Media Library

The Media Library is where WordPress stores all uploaded files: images, PDFs, videos, and audio files. You access it from Media > Library in the admin panel. Images you insert into posts are served from the Media Library. The library supports basic organization by date and allows you to edit alt text, captions, titles, and descriptions for each file.

11. Block Editor (Gutenberg)

The Block Editor, also called Gutenberg, is the default WordPress content editor introduced in WordPress 5.0 (December 2018). It organizes content into individual blocks: paragraph blocks, heading blocks, image blocks, list blocks, button blocks, and more. Each block can be formatted, moved, and configured independently. The Classic Editor plugin restores the older TinyMCE-based text editor for sites that prefer it.

12. User Role

A User Role defines what a registered WordPress user can see and do on the site. The five default roles are Subscriber, Contributor, Author, Editor, and Administrator. A Subscriber can only manage their own profile. An Administrator has full access to all settings, plugins, themes, and user management. The WordPress user roles guide explains how each role works and how to add custom roles.

Part 2: Plugins and Themes

These terms describe the tools that extend WordPress beyond its built-in features.

13. Plugin

A Plugin is a piece of software that adds or extends functionality on a WordPress site without modifying WordPress core files. Plugins handle everything from contact forms and SEO settings to booking systems, membership access, and social sharing. The WordPress.org plugin directory hosts over 60,000 free plugins. If you are just starting out, the guide on how to install WordPress plugins covers the dashboard, ZIP upload, and manual methods.

14. Theme

A Theme controls the visual design, layout, and front-end presentation of a WordPress site. A theme includes templates for different page types (homepage, single post, archive, category) and handles typography, colors, and spacing. WordPress runs one active theme at a time. Switching themes changes the appearance of your site but does not affect post content or plugin data.

15. Child Theme

A Child Theme is a theme that inherits the design and code of a parent theme but allows customizations that survive parent theme updates. If you edit a theme's files directly and that theme receives an update, your changes are overwritten. A child theme keeps your modifications separate so updates do not erase them. Creating and using a child theme is considered best practice when making any direct modifications to theme files.

16. Page Builder

A Page Builder is a plugin or theme feature that lets you design page layouts visually using a drag-and-drop interface, without writing code. You build pages by stacking sections, columns, and blocks or widgets. Examples include Elementor, Spectra (by Brainstorm Force), and Beaver Builder. See the best WordPress page builder plugins for a comparison of free and paid options.

17. Widget

A Widget is a small, self-contained content element that can be placed into widget-ready areas of a WordPress site, such as sidebars and footers. Common widgets include a recent posts list, search bar, tag cloud, text block, and social links. In WordPress, widgets are now managed through the Block Widgets editor (Appearance > Widgets), which uses the same block interface as the post editor.

18. Shortcode

A Shortcode is a WordPress-specific tag written in brackets, such as [contact-form] or [gallery ids="1,2,3"], that outputs dynamic content or activates a plugin's functionality inside a post or page. Shortcodes were the standard way for plugins to embed content before the Block Editor introduced native blocks as an alternative. Many older plugins and some current ones still use shortcodes.

19. GPL License

The GPL (GNU General Public License) is the open-source software license under which WordPress core is released. Most themes and plugins in the WordPress ecosystem are also GPL-licensed. GPL means the software code is free to use, modify, and redistribute under the same license. It does not mean the software is free of charge. A premium plugin can be GPL-licensed and still sold commercially. Purchasing gives you access, support, and updates, not a proprietary code license.

20. Freemium

Freemium describes the pricing model used by many WordPress plugins and themes: a free core version is available (often through the WordPress.org directory), and a paid premium tier unlocks advanced features, dedicated support, or extended integrations. Yoast SEO, WPForms, and Elementor all use freemium. The free vs premium WordPress plugins guide explains the real differences and how to decide which option fits your site.

21. WooCommerce

WooCommerce is the most widely used ecommerce plugin for WordPress. It adds product pages, a shopping cart, a checkout flow, order management, and payment gateway integrations to any WordPress site. WooCommerce itself is free and open source; extensions for specific payment methods, shipping providers, subscriptions, and advanced features are sold separately. If you want to compare it to alternatives, the best WordPress ecommerce plugins guide covers the main options.

Part 3: Hosting and Infrastructure

These terms describe the server, network, and technical foundation your WordPress site runs on.

22. Web Hosting

Web hosting is the service that stores your WordPress site's files and database and makes them accessible on the internet. Without hosting, your site has nowhere to live. Hosting providers range from shared plans for small personal sites to dedicated servers for high-traffic applications. For a comparison of types and providers, see the best WordPress hosting plans guide.

23. Shared Hosting

Shared hosting means your WordPress site shares server resources, including CPU, RAM, and storage, with other websites on the same physical server. It is the most affordable and common hosting type for new and small sites. Performance can vary depending on how many sites share the server and how much any one site uses. Shared hosting is a reasonable starting point for low-traffic personal or business sites.

24. Managed WordPress Hosting

Managed WordPress hosting is a specialized service where the provider handles WordPress-specific technical tasks: automatic core updates, daily backups, security monitoring, and server-level performance optimization. It is typically more expensive than shared hosting but significantly reduces the technical overhead of maintaining a WordPress site. Providers in this category include WP Engine, Kinsta, and SiteGround's Managed WordPress plans.

25. VPS (Virtual Private Server)

A VPS is a virtual machine hosted on a physical server that is partitioned into multiple isolated environments. Each VPS has its own allocated resources, including RAM, CPU, and storage, but shares the underlying physical hardware with other VPS accounts. VPS hosting gives more control and more consistent performance than shared hosting at a lower cost than a fully dedicated server. It suits growing sites that have outgrown shared hosting.

26. Domain Name

A domain name is the human-readable address visitors type to reach your website, such as example.com. Domain names are registered through a domain registrar (such as Namecheap, GoDaddy, or Porkbun) and renewed annually. Your domain name is separate from your hosting account. They are connected through DNS settings. A domain name does not have to be purchased from the same company as your hosting.

27. DNS (Domain Name System)

DNS translates domain names into the IP addresses that servers understand. When someone types your domain into a browser, DNS directs the request to the correct server. DNS settings are managed through your domain registrar's control panel using DNS records such as A records, CNAME records, and MX records. Changes to DNS records can take up to 48 hours to fully propagate across global DNS servers.

28. SSL Certificate

An SSL (Secure Sockets Layer) certificate encrypts the connection between a visitor's browser and your web server. Sites with an active SSL certificate display https:// in the URL and a padlock icon in the browser bar. Google treats HTTPS as a search ranking signal. A site without SSL shows a "Not Secure" warning to visitors. Most hosting providers offer free SSL certificates through Let's Encrypt, which renews automatically.

29. CDN (Content Delivery Network)

A CDN is a network of servers distributed across multiple geographic locations that serves your site's static files, including images, CSS, and JavaScript, from the server closest to each visitor. This reduces loading time for visitors far from your primary server. Popular CDN providers include Cloudflare and BunnyCDN. CDNs are most effective for sites with a global or geographically spread audience.

30. PHP

PHP is the server-side scripting language that WordPress is built on. When a visitor requests a WordPress page, the server runs PHP code to assemble the page content from the database and deliver it to the browser. WordPress requires a minimum PHP version to function correctly. Older PHP versions no longer receive security updates and should not be used. Your hosting control panel typically lets you choose your PHP version under advanced settings.

Part 4: Performance

These terms appear in speed test reports, hosting comparisons, and plugin descriptions related to site load time and user experience.

31. Caching

Caching stores a pre-built version of a WordPress page so the server does not have to regenerate it from scratch on every visitor request. Without caching, WordPress queries the database and runs PHP to build each page dynamically. With caching in place, a saved static version is delivered instantly. Caching is one of the most effective ways to speed up a WordPress site. See the best WordPress caching plugins for a comparison of options.

32. Lazy Loading

Lazy loading delays the loading of images and media until they are about to enter the visitor's visible screen area (the viewport). Instead of loading every image on a page the moment it opens, the browser loads them progressively as the user scrolls. Lazy loading reduces initial page load time and lowers bandwidth usage, particularly on long pages with many images. WordPress has supported native image lazy loading since version 5.5.

33. Image Optimization

Image optimization is the process of reducing image file size without a significant loss of visible quality, to improve page load speed. Optimization includes compression (lossy or lossless), resizing images to their actual display dimensions, and converting them to modern formats such as WebP. Unoptimized images are one of the most common causes of slow WordPress sites. Dedicated plugins automate compression and format conversion on upload.

34. Core Web Vitals

Core Web Vitals are three performance metrics defined by Google that measure real-world page experience: loading speed (LCP), visual stability (CLS), and interactivity (INP). They are an official Google Search ranking factor. Your scores are visible in Google Search Console under the Core Web Vitals report and in Google PageSpeed Insights. The WordPress speed optimization guide covers how to diagnose and improve each metric.

35. LCP (Largest Contentful Paint)

LCP measures how quickly the largest visible element on a page, typically a hero image or large heading, renders from the perspective of the visitor. A good LCP score is 2.5 seconds or less. Common causes of poor LCP include unoptimized large images, slow server response times, render-blocking JavaScript and CSS, and uncached WordPress pages.

36. CLS (Cumulative Layout Shift)

CLS measures how much the visible content of a page shifts unexpectedly while it loads. A high CLS score means elements jump around as the page finishes rendering, which disrupts the visitor's experience. Common causes include images without specified dimensions, late-loading ads or embeds, and web fonts that cause text to reflow. A good CLS score is 0.1 or less.

37. INP (Interaction to Next Paint)

INP measures how quickly a page responds to user interactions such as taps, clicks, and keyboard input. It replaced FID (First Input Delay) as a Core Web Vital in March 2024. INP tracks the full delay between a user action and when the browser visually updates the page in response. A good INP score is 200 milliseconds or less. Heavy JavaScript execution and slow third-party scripts are common causes of poor INP.

Part 5: SEO Terms

These terms appear in SEO plugin settings, Google Search Console reports, and guides on WordPress search optimization.

38. Meta Title

A meta title, also called the SEO title or title tag, is the HTML element that defines the title of a page for search engines and browser tabs. It appears as the clickable blue headline in Google search results. WordPress themes sometimes output meta titles automatically, but an SEO plugin gives you per-page control. A well-written meta title includes the target keyword, is specific to the page, and is around 50 to 60 characters to avoid being cut off in search results.

39. Meta Description

A meta description is the short summary shown below the meta title in search results. It does not directly affect rankings, but a well-written description can improve click-through rates by giving searchers a clear reason to visit. WordPress does not add meta descriptions by default; an SEO plugin handles this. A practical length is 140 to 160 characters. See the best free WordPress SEO plugins for tools that manage both meta titles and descriptions.

40. XML Sitemap

An XML sitemap is a machine-readable file that lists all the URLs on your WordPress site. It helps search engines discover and index your content, especially on new sites or sites with pages that are not well-linked internally. Most SEO plugins generate and update an XML sitemap automatically. You submit the sitemap URL to Google Search Console to signal it to Google's crawlers.

41. Canonical URL

A canonical URL is an HTML tag that tells search engines which version of a page is the preferred, authoritative one when the same or similar content is accessible at more than one URL. For example, https://example.com/post and https://example.com/post?ref=newsletter might display the same content. The canonical tag points crawlers to the intended URL and prevents duplicate content issues. WordPress SEO plugins handle canonical tags automatically for standard content types.

42. Schema Markup

Schema markup is structured data added to a page's HTML that helps search engines understand the content's context and type: a product, a recipe, a review, an FAQ, a local business, or an event. When Google reads schema markup correctly, it can display "rich results" in search, such as star ratings, FAQ dropdowns, and how-to steps, which can improve click-through rates. WordPress SEO plugins and dedicated schema plugins add schema without requiring code knowledge.

43. Focus Keyword

A focus keyword (also called a target keyword) is the primary search term a specific post or page is written to rank for. SEO plugins such as Yoast SEO and Rank Math use the focus keyword setting to check whether the content, meta title, meta description, slug, and headings consistently signal relevance for that term. A clearly defined focus keyword per page keeps your content targeted and helps avoid two pages on your site competing for the same search query (keyword cannibalization).

44. Robots.txt

robots.txt is a plain-text file at the root of your website (e.g., https://example.com/robots.txt) that gives crawlers instructions about which parts of your site they should and should not access. WordPress generates a virtual robots.txt by default, and SEO plugins let you customize it. Common uses include blocking crawlers from admin areas, search result pages, and duplicate archive URLs that should not be indexed.

Part 6: Security Terms

These terms appear in security plugin dashboards, hosting recommendations, and WordPress hardening guides.

45. Two-Factor Authentication (2FA)

Two-factor authentication adds a second verification step to the WordPress login process beyond your username and password. After entering your credentials, you confirm your identity with a code from an authenticator app, an SMS message, or an email. 2FA significantly reduces the risk of unauthorized access even when a password is compromised. See the best WordPress two-factor authentication plugins for free and paid options.

46. Nulled Plugin

A nulled plugin is a premium WordPress plugin or theme that has been copied illegally and distributed for free, typically with the license verification code removed. Nulled plugins frequently contain malicious code injected by the distributor: backdoors, spam injection scripts, and redirect code. Installing a nulled plugin puts your site, your visitors, and your hosting account at serious risk. The guide on why you should avoid nulled WordPress plugins explains all the risks in detail.

47. Malware

Malware is malicious software injected into a WordPress site through a vulnerable plugin or theme, a compromised admin password, or an outdated WordPress installation. Common effects include unauthorized redirects to spam sites, spam email sent from your server, defacement of site content, and silent theft of visitor credentials. Security plugins that scan for malware include Wordfence, Sucuri, and MalCare. Regular scanning and prompt updates are the primary defenses.

48. Brute Force Attack

A brute force attack is an automated attempt to guess your WordPress login credentials by rapidly cycling through large lists of username-and-password combinations. The default WordPress login page (/wp-login.php) is a known and frequently targeted endpoint. Changing your login URL, using strong unique passwords, enabling 2FA, and limiting failed login attempts all reduce brute force exposure. Most WordPress security plugins include login protection and automatic IP blocking after repeated failures.

49. Firewall

A WordPress firewall, also called a Web Application Firewall (WAF), monitors incoming traffic to your site and blocks malicious requests before they reach WordPress. It identifies and filters known attack patterns, malicious IP addresses, and automated scanners. Firewalls are available at two levels: plugin-level (Wordfence, Sucuri Security) and DNS or CDN level (Cloudflare). A DNS-level firewall processes traffic before it reaches your server, which is more effective against large-scale attacks.

50. Backup

A backup is a saved copy of your WordPress site's files and database that can be restored if something goes wrong: a malware infection, a failed plugin update, accidental deletion of content, or a server failure. Backups should be stored off-site, not only on your hosting server, so that a server failure does not take the backup with it. Automated backup plugins such as UpdraftPlus, Jetpack Backup, and WP STAGING can schedule daily or hourly backups to cloud storage. See the best WordPress backup plugins for a comparison.

Common Misconceptions About WordPress Terms

"WordPress.com and WordPress.org are the same thing." They are different products. WordPress.org is the open-source software you download and install on your own hosting. WordPress.com is a hosted platform built on top of that software, with its own pricing tiers and platform restrictions. Most tutorials, plugins, and guides discussed online refer to WordPress.org. The WordPress.org vs WordPress.com guide explains the difference in full.

"A plugin and a theme do the same thing." A theme controls how your site looks. A plugin adds or changes what your site does. Some visual features can be delivered through either a theme or a plugin, but they serve different purposes. Changing your theme does not remove or affect your plugins, and vice versa.

"GPL means the plugin is free of charge." GPL is a software license about usage rights, not price. A plugin can be GPL-licensed and still sold commercially. Most premium WordPress plugins are GPL-licensed. "GPL" tells you about the code's legal freedom to use, modify, and share. It does not tell you anything about cost.

"More plugins always means a slower site." The number of plugins is not the primary variable. Code quality, whether scripts load only where needed, and whether caching is in place matter much more. A site with 30 lightweight, well-coded plugins can load faster than one with 10 bloated ones. The how many WordPress plugins are too many guide explains what actually affects performance.

"HTTPS means the site is safe." HTTPS encrypts the connection between a visitor's browser and the server. It does not mean the site's content is accurate, the site is free of malware, or the site owner is trustworthy. HTTPS protects data in transit. It says nothing about security practices, code quality, or site intentions.

"Managed WordPress hosting is always worth the extra cost." Managed hosting handles updates, backups, and technical maintenance for you. For many sites this is genuinely valuable. For others, a well-configured shared or VPS host with the right plugins achieves similar results at lower cost. The right choice depends on your traffic level, technical confidence, and how much your time is worth.

When You Should Know These Terms

You will encounter this vocabulary most often in these situations:

Setting up a new WordPress site. Domain, DNS, hosting type, SSL, PHP version, and page builder all come up during initial setup. Knowing these terms helps you make informed choices rather than picking options at random.

Choosing and installing plugins. Freemium, GPL, shortcode, widget, and plugin installation methods are all part of evaluating and adding tools. Understanding these terms helps you read plugin descriptions accurately and set realistic expectations.

Troubleshooting a slow site. Caching, lazy loading, image optimization, LCP, CLS, and INP are the vocabulary you need when investigating a performance problem. Knowing what each metric measures tells you where to look.

Improving search visibility. Meta title, meta description, canonical URL, XML sitemap, schema markup, focus keyword, and robots.txt all appear in SEO plugin interfaces and Google Search Console. Understanding them turns abstract recommendations into concrete actions.

Responding to a security warning. Malware, brute force attack, firewall, nulled plugin, and 2FA come up when your host, security plugin, or a site audit flags an issue. Knowing what these terms mean helps you respond appropriately rather than ignore or panic.

Managing a team or client site. User roles, revisions, excerpts, slugs, and categories are everyday admin vocabulary. Understanding them makes delegation and workflow management clearer.

Related Next Steps

If you want to go deeper on any area in this glossary, these are practical next reads: