Woo Commerce logo

October 25, 2023 Woo Wednesday

Woo in purple & White

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Reno WP – Let’s Learn About WordPress! October 25th @ 6:00 pm

Seattle WP – WordPress Fundamentals: October 25th @ 6:00pm

S.C.C. WP – Take Your WordPress Site to the Next Level! October 25th @ 7:00 pm

Tampa Bay Tech Ctr – Monthly WP Meetup: October 26th @ 4:00 pm

Los Angeles WP – AI + ML + WP Workflows III: October 26th @ 6:00 pm

Canada Code Camp – Create your 1st Site With A/I (No Code): October 26th @ 6:00 pm

Woo News

WooCommerce 8.2.1 Released

  • We’ve rolled back a change introduced in 8.2.0 that automatically selected all global attribute terms when adding a global attribute to a product. #40729

You can download the latest release of WooCommerce here or visit Dashboard → Updates to update the plugin from your WordPress admin screen.

As usual, if you spot issues in WooCommerce core, please log them in detail on GitHub. Found a security issue? Please submit a report via HackerOne.

We’re committed to increasing our investment in this domain to simplify the process of making extensions compatible and facilitating the implementation of their features for a seamless shopping experience. In this article, we’ll provide a concise overview of the most common extensibility requests, link to relevant GitHub discussions, followed by a preview of our upcoming roadmap.”

Action Scheduler to Adopt “L-2” Dependency Version Policy

From The WooCommerce Developer Blog

“…announcing an important update regarding Action Scheduler — the scalable job queue for processing large queues of tasks in the background in WordPress. In our ongoing commitment to keeping Action Scheduler reliable and efficient, we are officially adopting an “L-2” dependency version policy.

This policy will be effective starting with the next release of Action Scheduler.”

Ready to Sell on Amazon? Here’s What You Need

From the WooCommerce General Blog

“Whether you already have a thriving ecommerce store or are just starting to build your brand, you’ve probably considered the pros and cons of selling on Amazon.

Traditionally speaking, you’ll keep more revenue and build more equity in your business by building and maintaining a store on your own website. However, with all of the WooCommerce tools that make multi-channel selling more efficient — and profitable — than ever before, you can do both at the same time and quickly expand your audience.”

WooCommerce owner Automattic buys messaging app for $50M 

From The Verge

Automattic, the company that runs WordPress.com, Tumblr, Pocket Casts, and a number of other popular web properties, just made a different kind of acquisition: it’s buying Texts, a universal messaging app, for $50 million.

Texts is an app for all your messaging apps. You can use it to log in to WhatsApp, Instagram, LinkedIn, Signal, iMessage, and more and see and respond to all your messages in one place. (Beeper is another app doing similar things.) The app also offers some additional features like AI-generated responses and summaries, but its primary purpose is to unify your many inboxes into a single interface.”

Magecart malware concealment tactics, hiding inside web status page

From Silicon Angle

“A report this week from Roman Lvovsky, an Israeli security researcher at Akamai Technology,  demonstrates three obfuscation techniques that have been recently spotted by their telemetry. Magecart has been operating for years infecting various e-commerce websites, most notably those running Magento and WooCommerce. These new methods have targeted sites run by food and other retailers.”

Word News

WordPress 6.3.2 – Maintenance and Security release

“This security and maintenance release features 19 bug fixes on Core, 22 bug fixes for the Block Editor, and 8 security fixes.

WordPress 6.3.2 is a short-cycle release. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement. Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 4.1 and later.

The next major release will be version 6.4 planned for 7 November 2023.

of the vulnerability enabled site access that was then leveraged by threat actors to deploy plugins and backdoors, as well as create admin accounts that would ensure persistence, a Sucuri report revealed.”

WordPress 6.4 Release Candidate 2

From WordPress.org

Since RC1 was released on October 17, there have been more than 25 issues resolved. You can browse the technical details for all recent updates using these links:

Kinsta Static Site Hosting is Fast and Free

From Kinsta

“After months of Beta testing, Kinsta is making Static Site Hosting available to anyone who needs to serve up HTML pages and assets like JavaScript and CSS files at lightning-fast speed.”

WordPress LiteSpeed Plugin Vulnerability Affects 4 Million Websites

From Search Engine Journal

“XSS vulnerability patched in popular LiteSpeed caching plugin…

XSS vulnerabilities are generally a type that takes advantage of a lack of a security process called data sanitization and escaping.

Sanitization is a technique that filters what kind of files can be uploaded via a legitimate input, like on a contact form.

In the specific LiteSpeed vulnerability, the implementation of a shortcode functionality allowed a malicious hacker to upload scripts they otherwise would not be able to had the proper security protocols of sanitization/escaping data been in place.”

HTTP/2 Rapid Reset DDOS Vulnerability Affects Virtually All Websites

From Search Engine Journal

“Server software companies race to patch a severe DDOS vulnerability that potentially affects virtually every website.

Details of a new form of DDOS that requires relatively minimal resources to launch an attack of unprecedented scale, making it a clear danger for websites as server software companies race to release patches to protect against it.

The vulnerability takes advantage of the HTTP/2 and HTTP/3 network protocols that allow multiple streams of data to and from a server and a browser.”

The 2024 State of Open Source Survey Is Now Open

From WP Tavern

“The Open Source Initiative (OSI), a non-profit organization that plays an important role in the open source ecosystem as stewards of the Open Source Definition (OSD), has opened its 2024 State of Open Source survey. This is the third year OSI has published the survey in collaboration with OpenLogic by Perforce, who has sponsored it in previous years. The organizations will be joined by the Eclipse Foundation for the 2024 edition.

Both users and contributors to open source software are invited to participate in the survey, but the questions are more geared towards organizations using and building open source software. The survey gathers information on technology trends, how open source is being used, challenges, growth areas, and more. The data will be used in the 2024 State of Open Source Report, which will be freely available on the OpenLogic website in early 2024.”

Ollie Dash Plugin Now Available for Ollie Block Theme

From WP Tavern

“The Ollie block theme, created by Mike McAlister and Patrick Posner, now has a companion plugin available called Ollie Dash. The theme made headlines earlier this month after a contentious WordPress.org review process led its authors to remove the innovative onboarding features. Ollie was approved for WordPress.org but without the time-saving onboarding features its authors initially hoped to include.

Testing the plugin, it is a night and day difference between having onboarding for a theme with so many patterns and options, versus getting dropped into a new theme with no direction.

Instead of hunting around for various settings, the plugin helps users get everything set up with just a few clicks. It includes settings for the color palette, brand color, logo, and site icon.

The wizard also enables fast page creation where users can check a box for any of the full-page designs that they want to be created as pages.”

Free Resources

Ollie Dash Plugin