WooCommerce Logo

February 21, 2024: Woo Wednesday

Woo Commerce logo

Woo Wednesday Online Meetup at Noon Pacific Time

Join Us At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Bakersfield WP – Virtual WordPress Wednesday: February 21st @ 7:00 pm

Philadelphia WP – Help Desk: February 22nd @ 4:00 pm

Pittsburgh WP – Perfect Google Lighthouse scores: February 22nd @ 4:00 pm

West Orlando WP – Fourth Friday Collaboration Meetup: February 23rd @ 8:00 am

Santa Clarita Valley WP – Block Project & WordCamp Asia: February 24th @ 10:00 am

Learn WP – Modern web layouts with WP blocks: February 27th @ 8:00 am

Woo News

WooCommerce Logo

WooCommerce 8.6.1: Fixes to issues introduced in 8.6.0

From the Woo Developer Blog

This release includes these fixes for issues in 8.6.0:

  • Prevent script caching by using the WC core version to hash WC blocks assets instead of old WC Blocks version #44676
  • Don’t render attribution metabox for non-supported order types #44680
  • Move condition to check post status before rendering product #44698
  • Add default values for admin address filters #44704

WooCommerce 8.6.0

From the Woo Developer Blog

Six new collections added to the Product Collection Block
  • New Arrivals – recommend your newest products,
  • Top Rated – recommend products with the highest review ratings,
  • Best Selling – recommend your best-selling products,
  • On Sale – highlight products that are currently on sale,
  • Featured – showcase your featured products,
  • Product Catalog – use it to display all products in the catalog or configure it manually as before.

Featured products in the New Product Form

Improvements to debug logging

Bringing back classic notice templates for classic themes

Default Fallback Marketing Channel Recommendations in WooCommerce Plugin

New Sales column in Campaigns card in Marketing page

Simplified Customer History Calculation

Fix CPU spike issue for users on Avada plugin

Other Notable Updates
  • Fixed fatal errors due to compatibility with PHP 8 (#44007).
  • Added new endpoint for retrieving suggested products from the REST API (#43720).
  • Added a new item to search for HPOS orders by product or customer, increasing the performance of these searches by about 2x (#43356).
  • Added a HPOS CLI tool to compare an order between datastores (#43173).
  • Change specificity of date picker rules (#44174)
  • Set `$plain_text` to false in new email addresses hook (#44178)
  • Marketplace: Fix the bug hiding connection warning (#44207)
  • Remove Customer Order Count from Order Attribution checkout data (#44359)
  • Move the guest should verify email logic to the order class (#43834)
  • Updates to remove references to the Woo Express promotion #44527 #44526
  • Security fixes

WooCommerce 8.6 Upcoming Fixes: Checkout Page, Product Page, and Compatibility with Woo Subscriptions

From the Woo Developer Blog

After the release of WooCommerce 8.6, we received reports from users who encountered the following issues:

  • [Fix in progress] Stores with Woo Subscriptions started getting fatal errors when adding or editing a subscription in WP Admin.
  • [Fix in progress] Some stores started having a broken Checkout block or checkout page after upgrading from WooCommerce 8.5.2 to 8.6.
  • [Under investigation] Product pages not showing up on certain stores, and we will include a fix for it as well after investigating and testing it.

We are preparing a fix for the following issues. You may monitor their progress via these two pull requests:

  • Don’t render attribution metabox for non-supported order types. (#44680)
  • Prevent script caching by using the WC Core version to hash WC blocks assets instead of old WC Blocks version (#44676)

We are currently investigating the following issue. You can monitor its progress here:

  • Upgrading to WP WooCommerce plugin 8.6.0 causes product page showing blank content for unauthenticated users (#44679)

How can I tell if this affects me?

If you are a store admin and your store is using Woo Subscriptions, you might encounter a fatal error when you log in to WP Admin and navigate to WooCommerce > Subscriptions, and then try to add a new subscription or edit an existing one. The error would be something similar to Uncaught Error: Call to undefined method WC_Subscription::get_report_customer_id() in /srv/htdocs/wp-content/plugins/woocommerce/src/Internal/Admin/Orders/MetaBoxes/CustomerHistory.php:28

You might also get the same fatal error when adding or editing other order types from plugins you are using.

If your store is using the Checkout block and had recently upgraded to WooCommerce 8.6 from 8.5.2, some of your customers might get an error message either on the checkout page or on other pages that have the checkout block. The error could be something similar to Oops! Unexpected error in: woocommerce/cart-order-summary-block. Error: Cannot read properties of undefined (reading 'call').

You may also receive reports from some of your customers that the product pages of your store are either rendered as empty pages, or not loading at all.

WooCommerce 8.6: Updated Fix Release Details

Following an earlier advisory, Woo is providing an update on the upcoming fixes for WooCommerce 8.6, specifically concerning the Checkout and Product pages, and integration with Woo Subscriptions.

New Issue Identified:

An issue has been identified for stores using extensions that apply woocommerce_admin_shipping_fields and woocommerce_admin_billing_fields filters independently. Affected stores will encounter a fatal error when accessing the admin order screen.

Progress on this issue can be tracked through the following Pull Request: Add default values for admin address filters.

Who Is Affected?

Currently, the AliExpress Dropshipping with AliNext Lite extension is known to use these filters. Stores utilizing this extension are likely impacted.

Recommended Action

If you’re experiencing related issues, we recommend temporarily deactivating the extension until a fix is deployed.

Upcoming Fix:

We plan to release WooCommerce 8.6.1 on Tuesday, February 20th, to address this along with three other known issues. This schedule avoids a weekend release to ensure ample time for testing and deployment.

Ecommerce security checklist: 15 steps to secure your online store

From the General Woo Blog

“Responsible stewardship of an ecommerce store means the owners need to take certain precautions to protect content, data, and customer details from malicious actors. While security is important for all websites, it’s particularly important for ecommerce businesses.

That’s because ecommerce sites generally deal with lots of sensitive information like personal details and credit card data. Cyber attacks can take numerous forms and are becoming increasingly sophisticated, making it easier for hackers to exploit your ecommerce website.

As of 2023, the average cost of a data breach worldwide is $4.45 million.” 

5 Ways to Increase Customer Retention in Your eCommerce Store

From Cosmoslabs

“There are two defining factors for a successful online store. The first is how many sales you get and the second is how many of those customers you can retain. Increasing customer loyalty and retention is the smartest way to grow your store’s earnings. If you’re not figuring out how to increase customer retention, you’re missing out on a bounty.

Simply put, it’s cheaper to retain customers than to reach new ones. The trust and brand knowledge are already there, so getting subsequent sales can be easier.

In this article, we’ll go over five ways to increase customer retention in your eCommerce store.”

From the article written by John Hughes:

1. Create a Mailing List

2. Set Up a Rewards or Loyalty Program

3. Offer Discount Codes

4. Lower Renewal Rates

5. Offer Simple Returns and Exchanges

Word News

WordPress 6.4 Shirely Horn

Current Version of WordPress is 6.4.3 – Maintenance and Security release

From WordPress.org

“This security and maintenance release features 5 bug fixes on Core, 16 bug fixes for the Block Editor, and 2 security fixes.

Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 4.1 and later.

Roadmap to WordPress 6.5

From WordPress.Org

“WordPress 6.5 is set to be released on March 26th, 2024. This release brings greater design control and optionality, more robust block capabilities with new APIs, access to current block theme functionality to classic themes, and the start of the new admin redesign. More specifically, these significant features include the Font Library for easy global font management, support for Appearance Tools in Classic Themes for more expansive design options, and more robust revisions across the editing experience (including revisions for template parts and templates). New APIs like Interactivity, Custom Fields, and Block Binding expand block capabilities and underpin features like partial sync patterns, and PHP compatibility work ensures alignment with PHP versions. Rollback for plugin and theme updates enhances safety, and bug fixes address various components for an improved user experience. The first taste of the admin redesign as part of phase 3 efforts are planned for this release in an iterative and contained way by bringing a new experience to the template, template part, and pattern lists within the Site Editor.”

2023 Annual Survey Results and Next Steps

From WordPress.org

“Overall, awareness and/or use of block-based features is up year over year, as well as resources such as Learn.WordPress.org. This reflects project-wide efforts to increase utilization of these respectively. However, positive sentiment about WordPress is down modestly, and more so among contributors. The analysis of the annual survey highlights certain areas that could benefit from increased attention in 2024.”

Pilot program to test GatherPress on the WordPress.org network as a Meetup alternative

From WordPress.org

A pilot program to test GatherPress, a community-developed plugin, within interested and active WordPress meetup groups. This initiative stems from the WordPress community’s need for an innovative event management tool tailored to the unique demands of WordPress event organizers and participants.

Google to Significantly Lower Free Recaptcha Tier on April 1

From Post Status

  • Starting on April 1, 2024, the free reCAPTCHA service will be limited to 10,000 assessments per month rather than 1 million.
  • The new reduced services will be named reCAPTCHA Lite. 
  • Additional reCAPTCHA protection can be added by upgrading to “reCAPTCHA Standard” for $8/month/site for up to 100,000 assessments.
  • This change significantly impacts agencies which rely on reCAPTCHA for bot protection. 
  • Many are now considering other free CAPTCHA alternatives including hCaptcha and Cloudflare Turnstile.

Google Ranking Bug: Sites Go MIA Every Saturday and Reappear on Monday

From Post Status

  • Troubling pattern has emerged where sites with certain generic top-level domains (like .media and .club) completely drop out of Google’s search results over the weekend making them unable to even rank for their own domain names.
  • “Google Weekend Ranking Bug” was first reported in November 2023 but has escalated dramatically in January 2024.
  • Prevailing theory is an algorithm bug now intermittently and erroneously devaluing sites with keyword-focussed TLDs. 
  • Reminiscent of “legacy penalties” where low-quality sites got stuck in ranking looks – but this weekend bug affects TLDs with no known history of violations.
  • Do you have sites taking a hiatus for the weekend? 
  • Read a thorough explanation of the issue on SearchEngineJournal.com.

The ACF plugin is about to publish site breaking changes. Here’s how to prepare.

From WP-Ensure

“The latest version of ACF is a security release that fixes an insecurity with how unsafe HTML is escaped in their shortcode. Many…use ACF and ACF Pro in their websites so it’s been necessary to take special care that any theme incompatibilities are fixed as they crop up before the next few versions break the sites.”

In practice, this means:

  1. Upgrading to 6.2.5
  2. Checking the site dashboard for an ACF notification that upgrading might break the site.
  3. Assessing whether the update will break the site and take action if needed.
  4. Updating the theme if required.
  5. Updating the plugin to 6.2.7 (expected February 2024)
  6. Manually testing the site homepage and subpages work.
  7. Dealing with any unforeseen issues that may come up with legacy code through our support system.

Yoast SEO 22.0 ReleasedW

From Yoast

“v22 of Yoast SEO was released this February with an expansion of the Organization schema in response to Google’s recent updates to the way it uses organization structured data.”

LinkedIn Rolls Out New AI Features To Make Networking Easier

From Search Engine Journal

  • LinkedIn introduced new AI features to improve networking.
  • The features help users expand networks and find jobs more efficiently.
  • One feature provides suggested messages to improve starting conversations

Brick theme has a serious security issue, patch available

From Microsoft Start

A security researcher alias “snicco” recently found a vulnerability in the Brick Builder Theme, a commercial website builder with some 25,000 active installations, the publication states.

The vulnerability is a remote code execution (RCE) flaw, now tracked as CVE-2024-25600, and labeled as “critical”.

WordPress Vulnerability Threats and Scanners

From CrocoBlock

“If you do not pay attention to website security and potential vulnerabilities, this can have unfortunate consequences. The crashed site, which can be restored from the backup, is the least problem that can be faced, but the leakage of personal data, login credentials, financial information, scamming, breach of compliance, and similar things can bury your business. Also, consider that malware is insidious and able to replicate itself or leave backdoors for further attacks. 

That’s why vulnerability scanners are essential, and this article is about them.”

U.S. and U.K. Disrupt LockBit Ransomware Variant

From the Department of Justice

“The Department of Justice joined the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group, one of the most active ransomware groups in the world that has targeted over 2,000 victims, received more than $120 million in ransom payments, and made ransom demands totaling hundreds of millions of dollars.”

Free Resources

Free AI Kit

Comprehensive Suite of Free AI Tools