Glossary

Plain-English answers to the questions we get most about mission-driven WordPress, fractional CXO engagements, B Corp software work, and the way Hello World partners with teams.

A

  • API-first WordPress is an architectural pattern in which content is created and managed in WordPress but consumed primarily through its REST API or WPGraphQL by other systems — mobile apps, JavaScript front-ends, third-party platforms — rather than by the WordPress theme alone.

  • ARIA (Accessible Rich Internet Applications) patterns are reusable accessibility recipes published by the W3C that describe how to implement complex interactive components — tabs, dialogs, comboboxes, accordions — so they're usable by screen reader and keyboard-only users, defini

B

  • A B Corp Certified software agency is a development firm that has met B Lab's third-party standards for verified social and environmental performance, public transparency, and legal accountability — committing to balance profit with purpose across governance, workers, community,

  • A block theme is a WordPress theme architecture that uses HTML templates assembled from Gutenberg blocks (including site-wide elements like the header and footer), while a classic theme uses PHP template files and only renders blocks inside the post content area — the central arc

C

  • Content migration is the structured process of moving existing content — articles, pages, media, taxonomies, users, URL history — from one platform or CMS to another while preserving editorial relationships, search equity, and accessibility. Done badly, it breaks bookmarks, kills

  • A Content Security Policy (CSP) is an HTTP response header that tells browsers exactly which sources of scripts, styles, images, fonts, and embedded content are allowed to run on a page — used to prevent cross-site scripting and supply-chain attacks by explicitly enumerating trus

  • A Custom Post Type (CPT) is a WordPress content structure beyond the built-in posts and pages — used to model distinct entities like case studies, team members, glossary entries, or events with their own admin UI, URL structure, and editorial workflow.

D

  • A Data Processing Agreement (DPA) is a contract between an organization (the data controller) and a vendor (the data processor) that specifies how the vendor handles personal data on the organization's behalf — covering scope, security, sub-processors, retention, breach notificat

  • The Define Phase is a fixed-price scoping engagement following Discovery in which Hello World produces a detailed implementation plan, technical architecture, and confirmed build budget — converting strategic direction into an executable build.

  • A Discovery Session is a focused, paid working session — typically 4 hours — in which Hello World maps a project's goals, constraints, audience, and technical landscape so the resulting scope and pricing are grounded in evidence rather than guesses.

  • A Drupal-to-WordPress migration is the planned move of an existing Drupal site's content, URLs, users, and editorial workflow onto WordPress — usually motivated by lower long-term maintenance cost, a larger editorial talent pool, or alignment with a marketing team that already kn

E

  • EveryAction is a nonprofit CRM and advocacy platform widely used by progressive nonprofits, political campaigns, and labor organizations — combining donor management, email marketing, action tools (petitions, letters to representatives, event registration), and reporting in one s

F

  • A Fractional Chief AI Officer (CAIO) is a senior AI executive engaged part-time to identify high-ROI AI use cases, run pilots, choose models and vendors, put governance in place, and ship production AI systems an organization can maintain.

  • A Fractional CTO is a senior technology executive engaged part-time on a monthly retainer to set engineering direction, make architecture and vendor decisions, and lead an organization's technical team without the cost of a full-time hire.

G

  • GDPR (General Data Protection Regulation) is the EU's comprehensive data privacy law that applies to any organization — including US nonprofits — that processes personal data of people in the EU or UK, regardless of where the organization is based, with substantial fines for non-

  • Gutenberg is WordPress's built-in block editor that replaced the classic TinyMCE-based editor in 2018, organizing content into modular "blocks" — paragraphs, images, headings, columns, custom patterns — that editors can drag, configure, and reuse without touching code.

H

  • Headless WordPress is an architecture in which WordPress is used only as a content management backend, while the public-facing site is rendered by a separate front-end (often React, Next.js, Astro, or SvelteKit) that consumes WordPress content through its REST or GraphQL API.

M

  • A mission-driven technology partner is a software firm that explicitly aligns its commercial work with social or environmental outcomes — choosing clients, pricing, and engagement models that protect the client's mission rather than maximize agency margin.

O

  • Open source stewardship is the practice of an organization treating its dependence on open source software as a responsibility, not a free ride — contributing back to the projects it depends on, sponsoring maintainers, and budgeting for the long-term sustainability of the ecosyst

P

  • Pantheon is a managed cloud hosting platform purpose-built for WordPress and Drupal that runs containerized environments with a Dev / Test / Live workflow, automatic backups, edge caching, and integrated git deployment.

  • Pantheon Multidev is a feature of the Pantheon hosting platform that creates an ephemeral, fully-isolated environment per git branch — letting engineering teams preview feature branches, review code changes, and run QA against production-like infrastructure without touching dev,

  • Plain language is a writing style that uses short sentences, common words, active voice, and clear structure to make content understandable on a first read — required by federal regulation for many US government communications and increasingly expected of nonprofit publications,

R

  • REST API and WPGraphQL are two ways to expose WordPress content to other systems — the REST API ships with WordPress core and returns fixed JSON shapes per endpoint, while WPGraphQL is a plugin that exposes content via a single GraphQL endpoint where clients request exactly the f

S

  • Salesforce Nonprofit Success Pack (NPSP) is Salesforce's nonprofit-tailored CRM configuration that ships with data models, automations, and reporting templates designed for fundraising, program management, and constituent relationships — the dominant CRM in the US nonprofit secto

  • Section 508 is a US federal law requiring electronic and information technology developed, procured, maintained, or used by federal agencies — and many federal grantees — to be accessible to people with disabilities, currently enforced through standards aligned with WCAG 2.0 AA.

  • A static site generator is a tool that builds an entire website into pre-rendered HTML files at build time — eliminating the server-side database query on every page request and producing a fast, cacheable, low-attack-surface site. Common SSGs include Next.js (static export), Ast

W

  • WCAG 2.1 AA (Web Content Accessibility Guidelines) is the global baseline standard for accessible web content, covering perceivable, operable, understandable, and robust criteria that ensure people with disabilities can use a website — and that mission-driven sites in particular

  • A web application firewall (WAF) is a security layer that filters and monitors HTTP traffic between a website and the internet — blocking common attacks (SQL injection, cross-site scripting, malicious bots, brute-force login attempts) before they reach the application — and is th

  • WordPress block patterns are reusable, pre-designed layouts assembled from core or custom blocks that editors can drop into pages and customize — turning a marketing site's design system into editor-friendly Lego pieces.

  • WordPress Multisite is a built-in WordPress feature that runs many sites from a single WordPress installation and shared database — useful for chapter networks, multilingual sites, university departments, or multi-brand portfolios where editorial autonomy matters but technical ma