Woo Commerce Image

May 1, 2024 Woo Wednesday

Woo Commerce logo

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Ottawa WP – WordPress Q & A: May 1st @ 4:00 pm

Bakersfield WP – Virtual Wednesday Meetup: May 1st @ 7:00 pm

WordPress Accessibility – Quick Accessibility Audits: May 2nd @ 8:00 am

Baltimore WP – How to quickly audit for accessibility: May 2nd @ 8:00 am

Seattle WP – Freelancers Meetup: May 2nd @ 10:00 am

Buffalo WP – Monthly Meetup: May 2nd @ 4:00 pm

San Jose/Santa Cruz WP – Help Desk: May 2nd @ 6:00 pm

West Orlando WP – First Friday Collaboration Meetup: May 3rd @ 7:00 am

MidCities WP – Monthly Roundtable: May 4th @ 11:00 am

Rochester WP – Accessibility Basics: May 6th @ 3:30 pm

O.C. WP – Monthly Meetup: May 6th @ 7:00 pm

Woo News

Woo Commerce Image

Current WooCommerce version is 8.8.3

From the WordPress Repository

WooCommerce 8.9: Pre-release updates 

From the Woo Developer Blog, by pia8c

What’s coming in 8.9

New Product Editor: You can now add Custom Product Fields to products via the New Product Editor.  

Compliance: we added support for natively displaying co-branded credit cards, and allowing customers to choose between them, in compliance with Regulation (EU) 2015/751.

Cart and Checkout Blocks: The Additional Checkout Fields feature, which was previously released on 8.7 as experimental, will be considered stable in this release. We are also including a change which reduces the payload size for the cart block by 11% and the checkout block by 17.9%!

Order Analytics: The order attribution tracking feature is coming to Order Analytics under the “Attribution” column, allowing store owners and managers to better understand the origin of each of their orders

Do you need Jetpack for your WooCommerce site? Is it worth it?

From the General Woo Blog, by Kathryn Marr

“…WooCommerce and Jetpack are so tightly integrated, you might be wondering if it’s required to run a WooCommerce site or if it’s simply recommended. If not required, is it still worth installing? What are the benefits?”

65 low investment business ideas to consider in 2024

From the General Woo Blog, by Kathryn Marr

“Starting a business in 2024 doesn’t have to drain your savings. With the right idea and a strategic approach, you can launch a venture that’s both affordable and successful.

The rise of digital tools and platforms has made it easier than ever to start a business with minimal upfront costs. Whether it’s leveraging the power of a WordPress site to establish your online presence or tapping into the ecommerce boom, the opportunities are there for the taking. 

Read on to review 65 different low investment business ideas that are perfect for entrepreneurs looking to make their mark without a hefty initial investment. Then, explore how you can go beyond the idea phase and bring these businesses to life.”


Word News

Image of Regina Carter

Current Version of WordPress is 6.5.2


Note: Due to an issue with the initial package, WordPress 6.5.1 was not released. 6.5.2 is the first minor release for WordPress 6.5.

This security and maintenance release features 2 bug fixes on Core, 12 bug fixes for the Block Editor, and 1 security fix.

Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 6.1 and later.

WordPress 6.5.2 is a short-cycle release. The next major release will be version 6.6 and is currently planned for 16 July 2024.

New Wpeeper Android malware hides behind hacked WordPress sites

From Bleeping Computer, by Bill Toulas

“A new Android backdoor malware named ‘Wpeeper’ has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads.

Wpeeper stands out for its novel use of compromised WordPress sites to act as relays for its actual command and control (C2) servers, acting as an evasion mechanism.

The Android malware was discovered on April 18, 2024, by QAX’s XLab team while examining a previously unknown ELF file embedded into APKs (Android package files), which had zero detections on Virus Total.”

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

From ARS Technica, by Dan Goodin

“Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said.

The vulnerability resides in WordPress Automatic, a plugin with more than 38,000 paying customers. Websites running the WordPress content management system use it to incorporate content from other sites. Researchers from security firm Patchstack disclosed last month that WP Automatic versions 3.92.0 and below had a vulnerability with a severity rating of 9.9 out of a possible 10. The plugin developer, ValvePress, silently published a patch, which is available in versions 3.92.1 and beyond.

Researchers have classified the flaw, tracked as CVE-2024-27956, as a SQL injection, a class of vulnerability that stems from a failure by a web application to query backend databases properly. SQL syntax uses apostrophes to indicate the beginning and end of a data string. By entering strings with specially positioned apostrophes into vulnerable website fields, attackers can execute code that performs various sensitive actions, including returning confidential data, giving administrative system privileges, or subverting how the web app works.”

What is Web Hosting and How Does it Work?

From CNET, by Diana Gunn

“A comprehensive guide explaining what web hosting is, how web hosting works, the most popular types of website hosting and how to choose your own hosting plan.”

CIPA: The 30-Year-Old Privacy Law Getting Website Owners Sued

From The Admin Bar, by Hans Skillrud

“What is the California Invasion of Privacy Act (CIPA) and what does a phone call law have to do with website lawsuits?”

The essential guide to matching icons with typefaces

From Streamline

“Choosing the right icon set to complement a specific typeface is crucial for maintaining visual consistency in a project. This ensures that all the elements work together to create a recognizable brand and improve the overall user experience.”

Free Resources

Studio

Develop WordPress Locally for Free

“Studio is now available to use for free on Mac*, and you can get up and running with a new local site in just a few minutes. *A Windows version of Studio is coming soon, and you can request early access here.”