WooCommerce Logo

November 15, 2023 Woo Wednesday

Woo in purple & White

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Bakersfield WP – Virtual WP Wednesday: November 15th @ 7:00 pm

Learn WP – New WordPress Developer APIs: November 16th @ 6:00 am

Milwaukee WP – Monthly User Group: November 16th @ 7:00 am

Learn WP – Reviewing Gutenberg 17.0: November 16th @ 7:30 am

West Orlando WP – Stop Giving Business Away: November 16th @ 3:00 pm

San Jose/Santa Cruz WP – Help Desk November 16th @ 6:00 pm

Houston Woo – WooCommerce and You: November 20th @ 5:00 pm

Accessibility WP – Component Patterns: November 20th @ 5:00 pm

Canada CodeCamp – GitHub for Beginners: November 20th @ 7:00 pm

Hartford WP – The Power of Media Blocks: November 21st @ 3:00 pm

Toronto WP – Let’s fix your site: November 21st @ 3:30 pm

Tampa Bay WP – WordPress Support: November 21st @ 3:30 pm

Woo News

WooCommerce 8.2.1 Released

  • We’ve rolled back a change introduced in 8.2.0 that automatically selected all global attribute terms when adding a global attribute to a product. #40729

You can download the latest release of WooCommerce here or visit Dashboard → Updates to update the plugin from your WordPress admin screen.

As usual, if you spot issues in WooCommerce core, please log them in detail on GitHub. Found a security issue? Please submit a report via HackerOne.

We’re committed to increasing our investment in this domain to simplify the process of making extensions compatible and facilitating the implementation of their features for a seamless shopping experience. In this article, we’ll provide a concise overview of the most common extensibility requests, link to relevant GitHub discussions, followed by a preview of our upcoming roadmap.”

WooCommerce 8.3 Delayed

Why the delay?

“WooCommerce 8.3 will be the first major release since the release of WordPress 6.4 on November 7th. It will also be the current stable version when PHP 8.3 is released on November 23, 2023. As such, we need to ensure WooCommerce’s compatibility with the changes from these two major dependencies. We have identified very recent issues and were able to fix them. However, we still need more time in testing these fixes together with other recent changes since WooCommerce 8.3 RC 2.”

WooCommerce Blocks 11.5.4 Release Notes

Bug Fixes
  • Prevent PHP warnings when using Jetpack WooCommerce Analytics module. #11707
  • Fixed address components in Firefox, and editing of address form in the editor. #11714
  • Fix Classic Cart/Checkout styling on non-cart and checkout pages. #11694
  • Fix double border in cart and notes field width on mobile. 11742
  • Ensure that incompatible notices are displayed in Safari. #11736
  • Enabled the new blockified Order Confirmation by default for block-based themes. #11615

Store Editing Snaps: October 23 – November 03

Remove authors filter from Product Collection block (#11427)

Product Collection: Add support for filtering products by featured status (#11522)

Product Collection – Add Created filter (#11562)

Product Gallery Block
Product Gallery block: Add crop images (#11482)

Product Gallery Thumbnails: Add View all overlay (#11087)

WooCommerce 8.3.0 RC 2 Released

From the Woo Developer Blog

Highlights

Since the release of 8.3.0 RC 1, the following changes have been made:

  • Compatibility issue with PHP 8.3 related to performing an array_sum() is resolved. #41205
  • New blockified Order Confirmation template is now available by default on new installations. #41276
  • Using WordPress 6.4 release sites that rely on using the Classic Template block for the Single Product template are no longer broken. #41291

For the complete list, view the changelog in the readme for this release.

WooCommerce Blocks 11.5.1 Release Notes

From the Woo Developer Blog

The latest version of WooCommerce Blocks, version 11.5.0, is now available for download on WordPress.org and GitHub.

This version introduces fixes and improves across product block patterns and template parts. The full changelog can be found below, but some notable improvements are as follows.

Components available via blocksComponents

The SortSelect, Textarea, and Title components have been moved to the wc.blocksComponents package. This initiative allows developers to avoid duplicating efforts and directly access necessary components for their projects. More details can be found in the respective pull requests:

Cart and Checkout Template Enhancements

  • Semantic Checkout Header: The checkout header now uses the <header> element to improve semantic understanding and accessibility, aligning with standard HTML practices. (11222)
  • Interactive Cart Feedback: The “Remove Item” link in the Cart block now has a hover state, providing immediate visual feedback for interaction. (11526)

Changelog

Enhancements
  • Add margin bottom to the Hero Product 3 Split pattern. (11573)
  • Set explicit margins in the search bar group on the Large Header pattern. (11571)
  • Add aspect ratio to the Featured Products 5 Columns pattern. (11570)
  • Fix Product Collection 4 Columns pattern button height. (11553)
  • Change the “chessboard” pattern structure to improve mobile view. (11545)
  • Footer with 3 menus pattern: Update the spacing in the columns to improve the mobile view. (11544)
  • Add checkout-header template to the correct area in site editor. (11528)
  • Product gallery/add crop images. (11482)
  • Remove authors filter from Product Collection block. (11427)
  • Move SortSelect to components package. (11411)
  • Move Textarea to components package. (11384)
  • Move Title to components package. (11383)
  • Use the element for the checkout header. (11222)
  • Product Gallery Thumbnails: Add View all overlay. (11087)
Bug Fixes
  • Fix Hero Product 3 Split pattern text content. (11612)
  • Prevent theme button border appearing in opinionated patterns. (11564)
  • Prevent Sale badge overflowing the Product Image in some product grid blocks. (11556)
  • Block Checkout: Add back missing render-checkout-form hook. (11554)
  • Ensure that the “Remove Item” link on Cart block has a hover state. (11526)
  • All Products: Add cursor pointer when hovering over pagination items. (11502)
  • Product Collection: Fix the PHP Warning after migrating from Products (Beta). (11494)
  • Footer with 2 Menus Dark pattern: Fix the Site Title color contrast in TT4. (11484)
  • Essential Header Dark pattern: Fix color contrast issues in TT4. (11480)
  • Display shipping calculator link for guests shopper. (11442)
  • Comboboxes should match against values before looking at labels. (11410)
  • Fix products incorrectly marked as discounted. (11386)
  • Ensure input is validated when autofilled in Firefox. (11062)
  • Remove bullet points and unnecessary padding from SearchListControl. (11444)\

Big changes coming to Woo editor, product management and more

From Geeky Gadgets

“WooCommerce the powerful e-commerce platform that serves as a plugin for WordPress websites, will soon be receiving some major changes to the way users can modify and managing e-commerce products. The development team responsible for creating and maintaining WooCommerce has recently rolled out a series of new beta features aimed at improving the process of adding, editing, and managing products.”

How to Prepare for Black Friday: Tips From Woo’s Support Team

From the General Woo Blog

“Are you ready for the holiday season? If you run a Woo store, you know how important it is to prepare your site for the busiest shopping time of the year. 

At the end of October, around 15 of our support engineers — or Happiness Engineers, as we like to call them — offered complementary site reviews in preparation for the holiday season. We reviewed more than 100 WooCommerce stores and identified the best practices and solutions to help them boost their sales and conversions.”

Exploring Multi-Store Functionality in WooCommerce

From the General Woo Blog

“If you’re responsible for managing multiple WooCommerce stores, you’re likely already aware of the complexities and challenges that come with it. 

Fortunately, the multi-store functionality available with WooCommerce can be a transformative solution for your organization, offering centralized control over multiple independent online stores from a singular WooCommerce installation and database.

In this guide, we’ll explore what multi-store functionality is, how it operates within the WooCommerce ecosystem, and its many benefits. We’re talking synchronized inventory, streamlined order processing, and a unified customer experience that keeps shoppers coming back to all of your stores.”

Word News

WordPress 6.4 “Shirley”

WordPress 6.4 Shirely Horn

WordPress 6.4 “Shirley,” named after the iconic jazz artist Shirley Horn.

“This latest version of WordPress introduces a new, versatile default theme and a suite of upgrades to empower every step of your creative journey. Craft your content seamlessly with further writing improvements. Explore more ways to bring your vision to life and streamline site editing with enhanced tools. Whether you’re new to WordPress or an experienced creator, “Shirley” has something for you. Discover the unmatched flexibility of building with blocks and let your ideas take flight.”

WordPress 6.4.1 Maintenance Release

This minor release features four bug fixes. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement or view the list of tickets on Trac.

WordPress 6.4.1 is a short-cycle release. If you have sites that support automatic background updates, the update process will begin automatically. If your site does not update automatically, you can also update from your Dashboard.

You can download WordPress 6.4.1 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”.

For more information on this release, please visit the HelpHub site.

State of the Word 2023

December 11th 2023

State of the Word - Madrid

“State of the Word is the annual keynote address delivered by the WordPress project’s co-founder, Matt Mullenweg. Every year, the event shares reflections on the project’s progress and aspirations for the future of open source.”

Introducing Twenty Twenty-Four

“Unlike past default themes, Twenty Twenty-Four breaks away from the tradition of focusing on a specific topic or style. Instead, this theme has been thoughtfully crafted to cater to any type of website, regardless of its focus. The theme explores three different use cases: one designed for entrepreneurs and small businesses, another for photographers and artists, and a third tailored for writers and bloggers. Thanks to its multi-faceted nature and adaptability, Twenty Twenty-Four emerges as the perfect fit for any of your projects.”

WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks

From Bleeping Computer

“The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site’s database.

WP Fastest Cache is a caching plugin used to speed up page loads, improve visitor experience, and boost the site’s ranking on Google search. According to WordPress.org stats, it is used by more than a million sites.

Download statistics from WordPress.org show that more than 600,000 websites still run a vulnerable version of the plugin and are exposed to potential attacks.”

From Demarcian

“Starting February, 2024, long established email authentication best practices will become a requirement.”

This article goes on to bring clarity to the requirements that will take effect in early 2024 and to provide guidance and confidence while you ask yourself, “Will I be impacted?”

New California Assembly Bill on Website Accessibility Could Result in a Lawsuit Tsunami

From the The Seyfarth ADA Title III News & Insights Blog

“AB 1757 would adopt WCAG 2.1 Level AA as the de facto standard for websites and mobile apps that can be accessed from California and impose liability for statutory damages on business establishments and website developers.”

“In a classic gut and amend move mid-way through the Legislative Session, on June 12 the California Assembly’s Judiciary Committee replaced the entire content of an existing bill on courts, AB 1757, with language that would effectively make WCAG 2.1 Level AA the required standard for the websites and mobile apps of “business establishments” covered by the Unruh Civil Rights Act.  And, in an unprecedented step, the bill would allow individuals with disabilities as well as business establishments to sue third party developers that create noncompliant websites and mobile apps.”

Article 45 Will Roll Back Web Security by 12 Years

From the Electronic Frontier Foundation

“The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from enforcing modern security requirements on certain CAs without the approval of an EU member government. Which CAs? Specifically the CAs that were appointed by the government, which in some cases will be owned or operated by that selfsame government. That means cryptographic keys under one government’s control could be used to intercept HTTPS communication throughout the EU and beyond.”

Google Will Delete Millions of Gmail Accounts

“In three weeks, any Gmail accounts that haven’t been used in over two years will be deleted, according to the Daily Mail.

It was also reported that Google Drive, Docs, Calendar, Meet and Photos accounts will be deleted if they haven’t been active, along with all of the content on these accounts.”

Brainstorm Force Invests in LatePoint Bookings and Appointment Scheduling Plugin

From WP Tavern

“Brainstorm Force, makers of the popular Astra theme, has invested in LatePoint, a commercial booking and appointment scheduling plugin for WordPress. LatePoint is used on 21,000 websites to enable bookings for small businesses, such as salons, therapists, doctors, spas, and fitness studios. It also supports a growing library of add-ons for further customizing the booking experience.”

Wordfence Launches Bug Bounty Program

From WP Tavern

“Wordfence launched a bug bounty program to provide financial incentive for security researchers reporting high risk vulnerabilities to the company’s program.”

Wordfence will reward researchers who discover vulnerabilities in plugins and themes with 50,000+ active installations. A few examples of the payouts include the following:

  • $1,600 for an Unauthenticated Arbitrary File Upload, a Remote Code Execution, a Privilege Escalation to Admin, or an Arbitrary Options Update in a plugin or theme with over one million active installations.
  • $1,060 for an Unauthenticated Arbitrary File Deletion in a plugin or theme with over one million active installations, assuming wp-config.php can easily be deleted.
  • $800 for an Unauthenticated SQL Injection in a plugin or theme with over one million active installations.
  • $320 for an Unauthenticated Cross-Site Scripting vulnerability in a plugin or theme with over one million active installations.
  • $80 for a Cross-Site Request Forgery vulnerability in a plugin or theme with over one million active installations, and a significant impact.

“Wordfence’s bug bounty program launch was clearly vying for competitive positioning by indirectly calling out Patchstack, which operates its program on a leaderboard system where only the top researchers get paid. There are a few notable differences, where some bounties are awarded by discretion but most individual bounties are for the highest score in various categories.”

Keeping the Web Gremlins at Bay with WordPress Retainers

(especially for businesses!)

From TechBullion

A somewhat humorous article about web maintenance and retainers”

YouTube announces strict new requirements for AI-generated content

From BPR Business & Politics

“YouTube users who violate new rules on AI-generated content risk having their work removed from the platform as updated requirements were announced on Tuesday.

In a blog post, the video platform revealed that new rules will take effect in the coming months that will impact users’ content when artificial intelligence is used to create videos and certain labeling will also be required.”

“All content uploaded to YouTube is subject to our Community Guidelines—regardless of how it’s generated—but we also know that AI will introduce new risks and will require new approaches,” the Google-owned platform announced Tuesday, detailing “what YouTube will roll out over the coming months and into the new year.”

Free Resources

OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.

Leverage Browser Cache, reduce DNS lookups/requests, reduce Cumulative Layout Shift and make your Google Fonts 100% GDPR compliant with OMGF!

“OMGF is written with performance and user-friendliness in mind. It uses the Google Fonts API to automatically cache the fonts your theme and plugins use to minimize DNS requests and speed up your WordPress website.”