Blue & gld Fractal Swirls Pattern

April 24, 2024: Woo Wednesday

Woo Commerce logo

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At:

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

S.C.C. WP – Take Your WordPress Site to the Next Level! April 24th @ 7:00 pm

Tampa Bay Tech Ctr – Monthly WP Meetup: April 25th @ 4:00 pm

Down State WP – Fourth Friday Meetup: April 26th @ 10:00 am

Reno WP – Virtual Office Hours: April 26th @ 5:00 pm

Learn WP – contributing to WordPress: April 28th @ 5:00 pm

Learn WP – contributing to WordPress: April 29th @ 12:30 am

Learn WP – Dynamic Content w/Block Bindings & Custom Fields: April 30th @ 8:00 am

Learn WP – Untangling Templates: April 30th @ 12:00 pm

Woo News

Woo Commerce Image

Current WooCommerce version is 8.8.2

From the Woo Developer Blog, Jacklyn Biggins

WooCommerce 8.8 has been released as WooCommerce 8.8.2. Learn more here.

A beginner’s guide to ecommerce SEO

By Laura Nelson

“Stocking your ecommerce store with high-quality, desirable products is only half the battle to building a successful and profitable online business. You also need to help shoppers discover your website and find the items they want. That’s what ecommerce search engine optimization (SEO) makes possible.

As you’ll see in a bit, ecommerce SEO is pretty similar to general SEO. But there are a few elements unique to ecommerce that you’ll want to be sure and address to maximize traffic to your site and sell more products. And understanding SEO is simply one of the steps to running a successful online store, alongside areas like ecommerce accounting.”

How to find a WooCommerce agency

From the General Woo Blog, by Mary Voelker

“Since its launch in 2011, WooCommerce has been steadily growing into what is now one of the most popular ecommerce platforms in the world. Not only is it used by millions of ecommerce businesses, there are hundreds of agencies that have built their reputations around developing WooCommerce sites.”

“With so many options out there, finding the right WooCommerce development company to work with can be intimidating, especially if this is your first WordPress website or your first time involving an agency in your development process. But don’t worry — we’ll walk you through the five key steps for choosing the best WooCommerce agency to meet the goals of your online store.”

WooCommerce Website Development, Conversion Rate Optimization Services

Zen Agency Press Release

“With expertise in WooCommerce website development, the agency now offers CRO services, which include A/B testing and heat mapping. As such, Zen Agency can analyze user behavior and identify areas for improvement on client sites to help businesses convert website traffic into paying customers.”

Word News

Image of Regina Carter

Current Version of WordPress is 6.5.2

Note: Due to an issue with the initial package, WordPress 6.5.1 was not released. 6.5.2 is the first minor release for WordPress 6.5.

This security and maintenance release features 2 bug fixes on Core, 12 bug fixes for the Block Editor, and 1 security fix.

Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 6.1 and later.

WordPress 6.5.2 is a short-cycle release. The next major release will be version 6.6 and is currently planned for 16 July 2024.

Google On Diagnosing A Deindexed WordPress Site

From Search Engine Journal, by Roger Montti

“Google’s John Mueller answered a question about a WordPress site that was completely deindexed from Google Search after changing to a different web hosting platform. Mueller’s answer shows where to start investigating the reasons why that happens.”

Critical Forminator plugin flaw impacts over 300k WordPress sites

From Bleeping Computer, by Bill Toulas

“The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.

Forminator by WPMU DEV is a custom contact, feedback, quizzes, surveys/polls, and payment forms builder for WordPress sites that offers drag-and-drop functionality, extensive third-party integrations, and general versatility.

On Thursday, Japan’s CERT published an alert on its vulnerability notes portal (JVN) warning about the existence of a critical severity flaw (CVE-2024-28890, CVSS v3: 9.8) in Forminator that may allow a remote attacker to upload malware on sites using the plugin.”

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker

From the Hacker News

“Cybersecurity researchers have discovered a credit card skimmer that’s concealed within a fake Meta Pixel tracker script in an attempt to evade detection.

Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the “Miscellaneous Scripts” section of the Magento admin panel.

“Custom script editors are popular with bad actors because they allow for external third party (and malicious) JavaScript and can easily pretend to be benign by leveraging naming conventions that match popular scripts like Google Analytics or libraries like JQuery,” security researcher Matt Morrow said.”

The bogus Meta Pixel tracker script identified by the web security company contains similar elements as its legitimate counterpart, but a closer examination reveals the addition of JavaScript code that substitutes references to the domain “connect.facebook[.]net” with “b-connected[.]com.”

2024 WordPress Vulnerability Report Shows Errors Sites Keep Making

From Search Engine Journal, by Roger Montti

“2024 WPScan WordPress security report shows the mistakes that many sites keep making and leads to compromised websites.

WordPress security scanner WPScan’s 2024 WordPress vulnerability report calls attention to WordPress vulnerability trends and suggests the kinds of things website publishers (and SEOs) should be looking out for.

Some of the key findings from the report were that just over 20% of vulnerabilities were rated as high or critical level threats, with medium severity threats, at 67% of reported vulnerabilities, making up the majority. Many regard medium level vulnerabilities as if they are low-level threats and that’s a mistake because they’re not low level and should be regarded as deserving attention.”

  • Broken Access Control 84.99%
  • SQL Injection 20.64%
  • Cross-Site Scripting 9.4%
  • Unauthenticated Arbitrary File Upload 5.28%
  • Sensitive Data Disclosure 4.59%
  • Insecure Direct Object Reference (IDOR) 3.67%
  • Remote Code Execution 2.52%
  • Other 14.45%

UnitedHealth Confirms Massive Ransomware Hack Affects ‘Substantial Proportion’ of Americans

From TechCrunch, by Zack Whittaker

“Health insurance giant UnitedHealth Group has confirmed that a ransomware attack on its health tech subsidiary Change Healthcare earlier this year resulted in a huge theft of Americans’ private healthcare data.”

UnitedHealth said in a statement on Monday that a ransomware gang took files containing personal data and protected health information that it says may “cover a substantial proportion of people in America.”

U.S. bans noncompete agreements for nearly all jobs

From NPR, by Andre Hsu

“The Federal Trade Commission narrowly voted Tuesday to ban nearly all noncompetes, employment agreements that typically prevent workers from joining competing businesses or launching ones of their own.”

Free Resources

Advanced Views Lite

“Smart Templates that enhance the development process without sacrificing creative freedom.

Display your content with built-in post queries and automated template generation. These Templates accelerate the process and handle routine tasks efficiently. Develop quickly, and maintain flexibility.”