ecommerce picture

March 27, 2024: Woo Wednesday

Woo Commerce logo

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

S.C.C. WP – Take Your WordPress Site to the Next Level! March 27th @ 7:00 pm

Tampa Bay WP – Monthly Meetup: March 28th @ 4:00 pm

Rochester WP – Monthly Meetup: April 1st @ 3:30 pm

O.C. WP – Monthly Meetup: April 1st @ 7:00 pm

Jacksonville WP – Websites for Authors & Writers: April 2nd @ 8:00 am

Woo News

Woo Commerce Image

WooCommerce 8.7 Released: Product Collection Block Enhancements, Receipt Rendering Engine and More

From the Woo Developer Blog, By Alvaro

New in 8.7.0:

Known Issue with Gutenberg 17.9.0

“The latest Gutenberg release 17.9.0 includes a bug that causes the New Product Editor to crash when the user attempts to edit the product description in the Full Editor mode (see issue). The New Product Editor is behind a feature flag, meaning the New Product Editor is unavailable by default. The issue would have affected you if you had the New Product Editor enabled through Settings >> Advanced >> Features >> New Product Editor.

To allow further use of the New Product Editor, we disabled the Full Editor of the product description in the 8.7 release if Gutenberg 17.9 is installed. The New Product Editor is working as expected otherwise.”

WooCommerce 8.8: A new way to customize your store, and more

From the Woo Developer Blog, By Nigel Stevenson

WooCommerce 8.8 will be released on April 9, 2024.

What’s coming in 8.8

The Legacy REST API plugin will be automatically installed in WooCommerce 8.8

From the Woo Developer Blog, By konamiman

“Back in October 2023 we announced that the Legacy REST API will be removed from WooCommerce as of version 9.0, but for those who have not been able to transition to the more modern REST API based on the WordPress JSON API we have created an extension which allows you to continue using the WooCommerce Legacy REST API, available both at a dedicated GitHub repository andat the official WordPress.org plugins directory.

In the original announcement we hinted that we were exploring the possibility of automatically install the plugin as part of the upgrade to WooCommerce 9.0 on the appropriate sites (WooCommerce sites that have the Legacy REST API enabled or have legacy webhooks), finally we decided to do that but in advance of the actual Legacy REST API removal: the Legacy REST API plugin will be installed and activated as part of the upgrade to WooCommerce 8.8 or newer if the site has the Legacy REST API enabled or has legacy webhooks.”

Coming in WooCommerce 8.8: Customize Your Store — a new way to design WooCommerce stores

From the Woo Developer Blog, By Patricia Hillebrandt

“WooCommerce 8.8 is on the horizon, bringing a new way to create beautiful stores with no code. Say hello to Customize Your Store, a brand-new feature that will take the place of the “Personalize Your Store” onboarding step.

Customize Your Store will take advantage of the latest WordPress Site Editing tools, along with a cool new Pattern Assembler UI.”

“When you’re building a new store, you will now have the ability to use Customize Your Store to select your own fonts, colors, layouts, and more. To get started, navigate to WooCommerce > Home. There, you’ll find the “Start customizing” button and the “Customize your store” link, which is where you can start personalizing the look and feel of the site.”

Developer Q&A

  • Q: Can I use the Customize Your Store feature with any WordPress theme?
  • A: In this initial version, Customize Your Store is compatible with the Twenty Twenty-Four theme. That said, we are still discussing the details of what extensibility should look like for this feature and how theme developers could interact with it.
  • Q: What happens to my existing customizations if I switch themes to TT4?
  • A: Switching themes may affect your current customizations. We advise backing up your site and testing the theme switch in a staging environment first. This way, you can address any adjustments needed without impacting your live site.
  • Q: How does the Pattern Assembler enhance my development workflow?
  • A: The Pattern Assembler allows for easy customization of key design elements like your logo, colors, and fonts, significantly reducing development time. It’s designed to give you more creative freedom while ensuring a consistent and responsive design across your site.
  • Q: Are there limitations to the customization options available?
  • A: The initial release focuses on core customization options such as logos, color palettes, fonts, headers, homepages, and footers. Future updates will expand these capabilities, introducing more pattern options and flexibility.
  • Q: Can I add custom CSS to my designs in Customize Your Store?
  • A: Yes, you have the ability to add custom CSS to your designs.

Enhancing WooCommerce Checkout with Additional Checkout Fields

From the Woo Developer Blog, By shanibanerjee

“WooCommerce 8.7 introduces an enhancement for developers: the ability to introduce additional fields to the Checkout block. This feature comes with an emphasis on developer-friendliness, making it easier than ever to customize the checkout experience for users. In this blog post, we’ll delve into the journey of how this feature evolved, highlighting the collaborative effort between our teams and community developers.”

Store Editing Snaps: Block Hooks & Store Customization Updates

From the Woo Developer Blog, By Daniel W. Robert

“Every couple of weeks, we give an update on all the work being done on WooCommerce Blocks from behind the scenes.

Let’s take a look at some highlights of what we’ve done since our last update.”

Coming in WooCommerce 8.8: Making Product Onboarding and Product Tours Extensible

From the Woo Developer Blog, By Brent MacKinnon

“One of the features coming in WooCommerce 8.8 is the ability to extend the product type onboarding list and tour guide. This enhancement opens up a new method of customization for developers, making the Add Products task more adaptable and user-friendly.”

“The update is significant for developers creating extensions that extend beyond standard offerings. It introduces a customizable onboarding process that allows developers to highlight their extension’s unique features right from the start, enhancing user engagement and retention.”

Introducing A New Extension to Facilitate Woo.com Product Updates

From the Woo Developer Blog, By Matt Cohen

“To better align with WordPress.org’s guidelines, we’re transitioning Woo.com extension and theme update functionalities from WooCommerce core to a new extension: Woo.com Update Manager. This move is aimed at enhancing update efficiency, ensuring your Woo store always has access to the latest features and improvements. Installation of the Woo.com Update Manager is essential for up-to-date store maintenance.”

Six ecommerce website examples to inspire you in 2024

From the General Woo Blog, By Matty Cohen

“Web design trends are ever-evolving — especially when it comes to ecommerce, where staying ahead of the curve is essential for success.

Whether you’re creating your very first online store or redesigning your current website, it’s critical to research what other online businesses are doing to draw inspiration. By looking at some of the best ecommerce website examples in your industry and adopting similar features and design elements, you’ll set yourself up for a better performing ecommerce store right from the start.

In this article, we’ll explore six exceptional and innovative ecommerce websites — each from a different industry. From cutting-edge user interfaces to seamless customer experiences, these online stores are setting the benchmark for ecommerce excellence.”

Word News

WordPress 6.4 Shirely Horn

Current Version of WordPress is 6.4.3 – Maintenance and Security release

From WordPress.org

“This security and maintenance release features 5 bug fixes on Core, 16 bug fixes for the Block Editor, and 2 security fixes.

Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 4.1 and later.

WordPress Astra Theme Vulnerability Affects +1 Million Sites

From Search Engine Journal, by Roger Montti

“One of the World’s most popular WordPress themes quietly patched a security vulnerability over the weekend that security researchers say appears to have patch a stored XSS vulnerability.”

The official Astra changelog offered this explanation of the security release:

“Enhanced Security: Our codebase has been strengthened to further protect your website.

Their changelog, which documents changes to the code that’s included in every update, offers no information about what the vulnerability was or the severity of it.  Theme users thus can’t make an informed decision as to whether to update their theme as soon as possible or to conduct tests first before updating to insure that the updated theme is compatible with other plugins in use.”

2M+ WordPress Sites Hit By Essential Addons For Elementor Vulnerability

From Search Engine Journal, by Roger Montti

“Security researchers published an advisory on the popular Essential Addons For Elementor WordPress plugin which was discovered to contain a Stored Cross-Site Scripting vulnerability affecting over 2 million websites.

Flaws in two different widgets that are a part of the plugin are responsible for the vulnerabilities.”

Two Widgets That Lead To Vulnerabilities

  1. Countdown Widget
  2. Woo Product Carousel Widget

Evasive Sign1 malware campaign infects 39,000 WordPress sites

From BleepingComputer, by Bill Toulas

“A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redirects and popup ads.

The threat actors inject the malware into custom HTML widgets and legitimate plugins on WordPress sites to inject the malicious Sign1 scripts rather than modifying the actual WordPress files.

Website security firm Sucuri discovered the campaign after a client’s website randomly displayed popup ads to visitors.

While Sucuri’s client was breached through a brute force attack, Sucuri has not shared how the other detected sites were compromised.

However, based on previous WordPress attacks, it probably involves a combination of brute force attacks and exploiting plugin vulnerabilities to gain access to the site.

Once the threat actors gain access, they use WordPress custom HTML widgets or, more commonly, install the legitimate Simple Custom CSS and JS plugin to inject the malicious JavaScript code.”

Free Resources

StreamElements

100% FREE customizable alerts & widgets for live streamers

Choose from dozens of free animated alerts and overlays, or create your own with our powerful visual editor.