This Week in WordPress #189

This Week in WordPress #189

This week’s WordPress news for the week commencing Monday 6th December 2021

Another week, and we’re bringing you the latest WordPress news from the last seven days, including…

  • First thing’s first, there’s no ‘This Week in WordPress’ show this week. We had some clashed with the guests calendars and so we pulled the show, but will be back next week, sorry about that!
  • Hugely serious code-execution vulnerability in Log4j, an open source logging utility that’s used in countless apps – not really WordPress, but important nonetheless.
  • We did a podcast this week with the founder of North Commerce, which is shaping up to be a decent WooCommerce rival.
  • The WP Tavern website has a lovely new update.
  • Where is WordPress headed in 2022?
  • What can you do with the 4, yes only 4, block in GenerateBlocks?
  • There’s a new, super simple caching plugin available.

There’s a whole lot more than this, as there is each and every week, and you can find all that by scrolling down and clicking on the links!


GoDaddy Pro

WordPress Core

Gutenberg 12.1 Fixes Block Appender Layout Shift, Adds Template List Views, and Enhances Global Styles
Earlier today, Gutenberg 12.1 landed in the WordPress plugin directory. The latest release was heavy on improvements to the user experience, including a fix for the block appender layout shift, new global styles features, and improved templates list view. Theme authors also have a new flag for enabling all appearance-related tools…
Gutenberg 12.1 Fixes Block Appender Layout Shift, Adds Template List Views, and Enhances Global Styles
Earlier today, Gutenberg 12.1 landed in the WordPress plugin directory. The latest release was heavy on improvements to the user experience, including a fix for the block appender layout shift, new global styles features, and improved templates list view. Theme authors also have a new flag for enabling all appearance-related tools…
WordPress 5.9 Beta 2
Can you help test the latest software version of WordPress? 5.9 Beta 2 was published on 7 December 2021, help find any bugs.Since Beta 1, 24 bugs have been fixed…
WordPress 5.9 Beta 2
Can you help test the latest software version of WordPress? 5.9 Beta 2 was published on 7 December 2021, help find any bugs.Since Beta 1, 24 bugs have been fixed…

Community

Gravatar Says It Was Not Hacked After “Have I Been Pwned” Service Notifies Users of a Breach
Gravatar is fielding questions today after “Have I Been Pwned,” a data breech checker service, tweeted “New scraped data: Gravatar had 167M profiles scraped in Oct last year via an enumeration vector. 114M of the MD5 email address hashes were subsequently cracked and distributed alongside names and usernames.“ It claims 72% of these email addresses were already logged with the service…
Gravatar Says It Was Not Hacked After “Have I Been Pwned” Service Notifies Users of a Breach
Gravatar is fielding questions today after “Have I Been Pwned,” a data breech checker service, tweeted “New scraped data: Gravatar had 167M profiles scraped in Oct last year via an enumeration vector. 114M of the MD5 email address hashes were subsequently cracked and distributed alongside names and usernames.“ It claims 72% of these email addresses were already logged with the service…
What I Learned Building a Hybrid Theme
How to implement full-site editing features in an existing PHP-based theme…
What I Learned Building a Hybrid Theme
How to implement full-site editing features in an existing PHP-based theme…
WordPress Where It’s Headed in 2022
Let’s take a look at where WordPress is at today, where it’s headed, and what we can expect from the world’s most popular CMS in 2022 and beyond…
WordPress Where It’s Headed in 2022
Let’s take a look at where WordPress is at today, where it’s headed, and what we can expect from the world’s most popular CMS in 2022 and beyond…
Please don’t ‘test’ submitting other people’s plugins.
tl;dr: Never test vulnerabilities on someone else’s live site without their permission.By now, a lot of you have read the post about the so-called “WordPress Plugin Confusion” whereby a plugin hosted on WordPress.org can ‘override’ a plugin not hosted here, by using the same name/permalink. Someone even made a CVE for it.Please stop ‘testing’ this vulnerability with us…
Please don’t ‘test’ submitting other people’s plugins.
tl;dr: Never test vulnerabilities on someone else’s live site without their permission.By now, a lot of you have read the post about the so-called “WordPress Plugin Confusion” whereby a plugin hosted on WordPress.org can ‘override’ a plugin not hosted here, by using the same name/permalink. Someone even made a CVE for it.Please stop ‘testing’ this vulnerability with us…
WP Tavern Is Sporting a New Website Design
We are back with a brand-new edition of WP Tavern. Technically, we have a spiffy new coat of paint that I hope you all can see if viewing from your browsers. If you are reading this post via a feed reader, email, or something else, hop over to the site and check it out…
WP Tavern Is Sporting a New Website Design
We are back with a brand-new edition of WP Tavern. Technically, we have a spiffy new coat of paint that I hope you all can see if viewing from your browsers. If you are reading this post via a feed reader, email, or something else, hop over to the site and check it out…
Closer Look at GenerateBlocks
WordPress Blocks don’t always get the love it deserves.Page Builders became a huge success thanks to their drag-and-drop function and ready-to-use templates. They made it easy for almost anyone to build a website without tinkering around with any code.While they are great from a usability point of view, one major drawback is the impact on the website’s performance…
Closer Look at GenerateBlocks
WordPress Blocks don’t always get the love it deserves.Page Builders became a huge success thanks to their drag-and-drop function and ready-to-use templates. They made it easy for almost anyone to build a website without tinkering around with any code.While they are great from a usability point of view, one major drawback is the impact on the website’s performance…

Plugins / Themes / Blocks

Surge: A simple Page Caching Plugin for WordPress
Meet Surge, a brand new page caching plugin for WordPress. It’s extremely fast and has no configuration screens. There is no learning curve, the plugin works just by activating it…
Surge: A simple Page Caching Plugin for WordPress
Meet Surge, a brand new page caching plugin for WordPress. It’s extremely fast and has no configuration screens. There is no learning curve, the plugin works just by activating it…
Hello Charts Launches a Native Chart-Building Experience for the Block Editor
Luke Carbis and Rob Stinson, two of the three-person Block Lab team that WP Engine picked up in 2020, are back together on a new project. This time, they are joined by Byron Keet. The trio is taking on the WordPress charts space via a suite of blocks named Hello Charts…
Hello Charts Launches a Native Chart-Building Experience for the Block Editor
Luke Carbis and Rob Stinson, two of the three-person Block Lab team that WP Engine picked up in 2020, are back together on a new project. This time, they are joined by Byron Keet. The trio is taking on the WordPress charts space via a suite of blocks named Hello Charts…
Kadence Conversions: Build Pop-ups, Slide-ins & Banners in WordPress
Just in time for the holidays, the Kadence team just released the incredibly powerful Kadence Conversions plugin that helps site owners build popups, slide-ins, and banners using the same block-based technology Kadence Blocks uses…
Kadence Conversions: Build Pop-ups, Slide-ins & Banners in WordPress
Just in time for the holidays, the Kadence team just released the incredibly powerful Kadence Conversions plugin that helps site owners build popups, slide-ins, and banners using the same block-based technology Kadence Blocks uses…

GET THE WP BUILDS NEWSLETTER




WP Builds Black Friday Deals Page

THANKS.

NOW CHECK YOUR EMAIL TO CONFIRM YOUR SUBSCRIPTION

Deals

Blue Odin for WooCommerce
$1 for Lifetime access to Blue Odin for WooCommerce Plan…
Blue Odin for WooCommerce
$1 for Lifetime access to Blue Odin for WooCommerce Plan…

Security

Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet
Minecraft is the first, but certainly not the last, app known to be affected. This one is really rather serious…!
Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet
Minecraft is the first, but certainly not the last, app known to be affected. This one is really rather serious…!
1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs
Over the past 36 hours, the Wordfence network has blocked over 13.7 million attacks targeting four different plugins and several Epsilon Framework themes across over 1.6 million sites and originating from over 16,000 different IP addresses…
1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs
Over the past 36 hours, the Wordfence network has blocked over 13.7 million attacks targeting four different plugins and several Epsilon Framework themes across over 1.6 million sites and originating from over 16,000 different IP addresses…
Authentication Bypass Vulnerability Patched in User Registration Plugin
This flaw made it possible for unauthenticated attackers to login as any user, including administrative users, on an affected site as long as a valid username or email address was known to the attacker and a login form created with the plugin existed on the site…
Authentication Bypass Vulnerability Patched in User Registration Plugin
This flaw made it possible for unauthenticated attackers to login as any user, including administrative users, on an affected site as long as a valid username or email address was known to the attacker and a login form created with the plugin existed on the site…
WordPress Vulnerability Report: December 2021, Part 2
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable plugins or themes on your website…
WordPress Vulnerability Report: December 2021, Part 2
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable plugins or themes on your website…

WP Builds

258 – Tired of WooCommerce? Try North Commerce
You use WooCommerce, because you need an eCommerce platform and you like WordPress. It’s kind of the default isn’t it? WordPress + eCommerce = WooCommerce. Well, on the show today…
258 – Tired of WooCommerce? Try North Commerce
You use WooCommerce, because you need an eCommerce platform and you like WordPress. It’s kind of the default isn’t it? WordPress + eCommerce = WooCommerce. Well, on the show today…

Jobs

Post a job for FREE!
Post a Job If you know of a job in the WrdPress community, please feel free to post it here.It’ll go in this newsletter FREE OF CHARGE!
Post a job for FREE!
Post a Job If you know of a job in the WrdPress community, please feel free to post it here.It’ll go in this newsletter FREE OF CHARGE!

Not WordPress, but useful anyway…

The developer urge to start a woodworking business and never look at a laptop ever again
What would you do if computers stopped working? Join this Twitter thread…
The developer urge to start a woodworking business and never look at a laptop ever again
What would you do if computers stopped working? Join this Twitter thread…
Open Source Initiative Launches New Free Membership Level, Opens 2022 OSS Usage Survey
Open Source Initiative, the organization that stewards the Open Source Definition, has launched a new survey on the usage of open source, in collaboration with OpenLogic by Perforce. The survey takes a broad look at the trends and challenges organizations and users experience when adopting open source software today…
Open Source Initiative Launches New Free Membership Level, Opens 2022 OSS Usage Survey
Open Source Initiative, the organization that stewards the Open Source Definition, has launched a new survey on the usage of open source, in collaboration with OpenLogic by Perforce. The survey takes a broad look at the trends and challenges organizations and users experience when adopting open source software today…
Specialized Attacks: Physical and Social Engineering
In this course you will learn what social engineering is, why it matters, and who is performing it. Using case studies, you will be able to understand the techniques, tools, and vectors used in the real world..
Specialized Attacks: Physical and Social Engineering
In this course you will learn what social engineering is, why it matters, and who is performing it. Using case studies, you will be able to understand the techniques, tools, and vectors used in the real world..
Michael Sheen declares himself a “not-for-profit actor”
Actor and activist announces he will use future earnings to fund social projects after “turning point” of organising 2019 Homeless World Cup…
Michael Sheen declares himself a “not-for-profit actor”
Actor and activist announces he will use future earnings to fund social projects after “turning point” of organising 2019 Homeless World Cup…
Vizio Responds to Software Freedom Conservancy’s GPL Compliance Lawsuit: Will Not Release Source Code, Files to Move Case to US Federal Court
In October 2021, the Software Freedom Conservancy (SFC) initiated a lawsuit against Vizio, an American TV manufacturer, for shipping products with copyleft licenses but refusing to provide the source code after multiple attempts at contact since 2018…
Vizio Responds to Software Freedom Conservancy’s GPL Compliance Lawsuit: Will Not Release Source Code, Files to Move Case to US Federal Court
In October 2021, the Software Freedom Conservancy (SFC) initiated a lawsuit against Vizio, an American TV manufacturer, for shipping products with copyleft licenses but refusing to provide the source code after multiple attempts at contact since 2018…
Nathan Wrigley

Nathan Wrigley

Nathan writes posts and creates audio about WordPress on WP Builds. He can also be found in the WP Builds Facebook group.

The WP Builds podcast is brought to you this week by…

GoDaddy Pro

The home of Managed WordPress hosting that includes free domain, SSL, and 24/7 support. Bundle that with the Hub by GoDaddy Pro to unlock more free benefits to manage multiple sites in one place, invoice clients, and get 30% off new purchases! Find out more at go.me/wpbuilds.

AND

The WP Builds Deals Page

It’s like Black Friday, but every day of the year! Searchable, filterable list of WordPress products, with exclusive pricing for WP Builds listeners!

Check out the deals now…

We thanks them for their support of WP Builds.

Transcript (if available)

These transcripts are created using software, so apologies if there are errors in them.

RECOMMENDED STUFF

These are affiliate links and the small amount of income we derive from affiliate income allows us to pay the bills and keep the lights on