This week’s WordPress news for the week commencing Monday 6th December 2021
Another week, and we’re bringing you the latest WordPress news from the last seven days, including…
- First thing’s first, there’s no ‘This Week in WordPress’ show this week. We had some clashed with the guests calendars and so we pulled the show, but will be back next week, sorry about that!
- Hugely serious code-execution vulnerability in Log4j, an open source logging utility that’s used in countless apps – not really WordPress, but important nonetheless.
- We did a podcast this week with the founder of North Commerce, which is shaping up to be a decent WooCommerce rival.
- The WP Tavern website has a lovely new update.
- Where is WordPress headed in 2022?
- What can you do with the 4, yes only 4, block in GenerateBlocks?
- There’s a new, super simple caching plugin available.
There’s a whole lot more than this, as there is each and every week, and you can find all that by scrolling down and clicking on the links!
WordPress Core
Earlier today, Gutenberg 12.1 landed in the WordPress plugin directory. The latest release was heavy on improvements to the user experience, including a fix for the block appender layout shift, new global styles features, and improved templates list view. Theme authors also have a new flag for enabling all appearance-related tools… |
Can you help test the latest software version of WordPress? 5.9 Beta 2 was published on 7 December 2021, help find any bugs.Since Beta 1, 24 bugs have been fixed… |
Community
wptavern.com Gravatar is fielding questions today after “Have I Been Pwned,” a data breech checker service, tweeted “New scraped data: Gravatar had 167M profiles scraped in Oct last year via an enumeration vector. 114M of the MD5 email address hashes were subsequently cracked and distributed alongside names and usernames.“ It claims 72% of these email addresses were already logged with the service… |
wpdevelopment.courses How to implement full-site editing features in an existing PHP-based theme… |
convesio.com Let’s take a look at where WordPress is at today, where it’s headed, and what we can expect from the world’s most popular CMS in 2022 and beyond… |
make.wordpress.org tl;dr: Never test vulnerabilities on someone else’s live site without their permission.By now, a lot of you have read the post about the so-called “WordPress Plugin Confusion” whereby a plugin hosted on WordPress.org can ‘override’ a plugin not hosted here, by using the same name/permalink. Someone even made a CVE for it.Please stop ‘testing’ this vulnerability with us… |
wptavern.com We are back with a brand-new edition of WP Tavern. Technically, we have a spiffy new coat of paint that I hope you all can see if viewing from your browsers. If you are reading this post via a feed reader, email, or something else, hop over to the site and check it out… |
skool.house WordPress Blocks don’t always get the love it deserves.Page Builders became a huge success thanks to their drag-and-drop function and ready-to-use templates. They made it easy for almost anyone to build a website without tinkering around with any code.While they are great from a usability point of view, one major drawback is the impact on the website’s performance… |
Plugins / Themes / Blocks
konstantin.blog Meet Surge, a brand new page caching plugin for WordPress. It’s extremely fast and has no configuration screens. There is no learning curve, the plugin works just by activating it… |
wptavern.com Luke Carbis and Rob Stinson, two of the three-person Block Lab team that WP Engine picked up in 2020, are back together on a new project. This time, they are joined by Byron Keet. The trio is taking on the WordPress charts space via a suite of blocks named Hello Charts… |
ithemes.com Just in time for the holidays, the Kadence team just released the incredibly powerful Kadence Conversions plugin that helps site owners build popups, slide-ins, and banners using the same block-based technology Kadence Blocks uses… |
Deals
Security
Minecraft is the first, but certainly not the last, app known to be affected. This one is really rather serious…! |
Over the past 36 hours, the Wordfence network has blocked over 13.7 million attacks targeting four different plugins and several Epsilon Framework themes across over 1.6 million sites and originating from over 16,000 different IP addresses… |
This flaw made it possible for unauthenticated attackers to login as any user, including administrative users, on an affected site as long as a valid username or email address was known to the attacker and a login form created with the plugin existed on the site… |
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable plugins or themes on your website… |
WP Builds
wpbuilds.com You use WooCommerce, because you need an eCommerce platform and you like WordPress. It’s kind of the default isn’t it? WordPress + eCommerce = WooCommerce. Well, on the show today… |
Jobs
Post a Job If you know of a job in the WordPress community, please feel free to post it here… |
Not WordPress, but useful anyway…
share.wpbuilds.com What would you do if computers stopped working? Join this Twitter thread… |
wptavern.com Open Source Initiative, the organization that stewards the Open Source Definition, has launched a new survey on the usage of open source, in collaboration with OpenLogic by Perforce. The survey takes a broad look at the trends and challenges organizations and users experience when adopting open source software today… |
pluralsight.com In this course you will learn what social engineering is, why it matters, and who is performing it. Using case studies, you will be able to understand the techniques, tools, and vectors used in the real world.. |
theguardian.com Actor and activist announces he will use future earnings to fund social projects after “turning point” of organising 2019 Homeless World Cup… |
wptavern.com In October 2021, the Software Freedom Conservancy (SFC) initiated a lawsuit against Vizio, an American TV manufacturer, for shipping products with copyleft licenses but refusing to provide the source code after multiple attempts at contact since 2018… |
The WP Builds podcast is brought to you this week by…
Omnisend
Omnisend is the top-rated email and SMS marketing platform for WordPress. More than a hundred thousand merchants use Omnisend every day to grow their audience and sales. Ready to start building campaigns that really sell? Find out more at www.omnisend.com
GoDaddy Pro
The home of Managed WordPress hosting that includes free domain, SSL, and 24/7 support. Bundle that with the Hub by GoDaddy Pro to unlock more free benefits to manage multiple sites in one place, invoice clients, and get 30% off new purchases! Find out more at go.me/wpbuilds.
The WP Builds Deals Page
It’s like Black Friday, but everyday of the year! Search and Filter WordPress Deals! Check out the deals now…
Transcript (if available)
These transcripts are created using software, so apologies if there are errors in them.
Support WP Builds
We put out this content as often as we can, and we hope that you like! If you do and feel like keeping the WP Builds podcast going then...
Thank you!