It has been a week, hasn’t it?! Two very severe security vulnerabilities for two different popular page builders, the first WordPress 6.5 beta version dropped, I mean, where do we even begin?!
Well, let’s start with the good news, shall we?
Within WordPress is sponsored by 20i.
The first WordPress Hosting you’ll love. The last you’ll ever need. From power bloggers to high-traffic ecommerce and agencies, easily deploy across the 20i Managed WordPress Hosting cloud platform.
Get in front of 1130+ dedicated WordPress friends and check out my sponsoring options and reach out to me if you think we can be a good fit!
🗞️ Within WordPress News
Here’s what I saw happening this past week:
- WordPress 6.5 is adding the following:
- In last week’s edition, I shared one of my favorite plugins called Find My Blocks. What I didn’t know at the time is that it had recently changed hands and Morgan Hvidt is actively asking for feedback on how to improve it.
So let your voices be heard!
- My friends at Level Level published research about the accessibility of chatbots and contact forms on websites. A staggering 32% was not accessible at all. Highly recommend you check out this research and learn from it what you can.
Because you can!
- Do the Woo published a podcast between two greats discussing funding WordPress (related) projects. Tom Wilmot and Joost de Valk talk together with BobWP about the state of affairs.
I could give you the TL;DR, but I’d much rather you prioritize listening to it as you’ll quickly learn why WordPress as whole would benefit if you fully understood the ramifications of us not funding said projects.
- WordPress Github Sync is a plugin I saw shared on X as a solution to sync content from a WordPress installation to a Github repo.
My team built such a solution almost a decade ago, so it’s fun to see how this solution works compared to what we came up with. But it’s a great solution for anyone needing to always have insight into the state of content as any given time in the past.
- Speaking of accessibility, my dear friend Anne-Mieke Bovelett explains expertly how in the field of accessibility, there is no competition. Not really.
- The WordPress.org team merged a huge change for the plugin repository. Namely, the ability to define plugin dependencies 😍.
🚀 Performance & Security
- Bricks, the popular page builder of late saw an extremely severe security vulnerability published this week. The update to fix this is available, but the number of sites that are actively being exploited is wreaking havoc. Calvin Alkan, WordPress Security Researcher found and disclosed the vulnerability. You may remember Calvin from a podcast I did with him last year. Calvin and I are covering everything you want to know about this hack in a YouTube livestream next week Friday.
- Calvin’s been busy, because he also discovered a similar vulnerability in the page builder Cwicly.
Update all your sites ASAP is all I’m saying for now.
- Patchstack has been selected by Google’s Growth Academy and that is huge news for the future of WordPress!!
- Speaking of security improvements, one of the first thing hackers would often do inside a site is change to the default role for new users to “Administrator”. That’s no longer possible with this change added to WordPress’ Core.
My favorite performance optimizing tools in WordPress:
- The best Front-end optimization plugin
- Cleaning up WordPress + script manager
- Cloud based performance optimizations
🔆 Within WordPress Highlight
Brian Coords shares a wonderful development tutorial on YouTube. He goes pretty deep into it by showing you how to use the WordPress Core Data package to communicate across blocks. Tools like useSelect, useDispatch, block context, block filters, and more. Why the highlight? Well, I really appreciate folks like Brian deep diving into what this new world of WordPress offers us. Much like how Jamie Marsland shows what (and how) you can build FSE sites.
Some of my favorite WordPress tools:
- The most versatile and accessible form solution for WordPress
- LocalWP, the easiest to use local dev solution
💡 Interesting Finds
- Some fun and interesting DNS related tools and utilities for you all.
🎁 Bonus
As you may have seen, Google pulled the plug on yet another service. This time they’ve removed articles for Google Business Profiles. Now we all know we should build on WordPress, own our data, and what not.
But for those out there that did not do that, here’s a solution created by Koen Reus that allows users to import Posts and Gallery images from the Google Business Profile platform into their WordPress site. The plugin is free and currently available on GitHub.
Leave a Reply