Woo in purple & White

September 6, 2023 Woo Wednesday

Woo in purple & White

Woo Wednesday Online Meetup at Noon Pacific Time

Join Up At: Meetup.com

Other Upcoming Meetups (Pacific Time)

Dallas/Fort Worth WordPress: Event PageFeaturing Eric L.

WORDPRESS HELP-DESK SUPPORT: List of WP Meetup Groups – By Eagle

Ottawa WP – WordPress 6.3 Update: September 6th @ 4:00 pm

Bakersfield WP – Virtual WordPress Wednesday: September 6th @ 7:00 pm

Seattle WP – Freelancers Meetup: September 7th @ 10:00 am

Buffalo WP – Monthly Meetup: September 7th @ 4:00 pm

San Jose/Santa Cruz WP – Help Desk: September 7th @ 6:00 pm

Portland WP – Monthly Help Desk: September 9th @ 10:00 am

South Sound WP – Monthly Help Desk & Hacking: September 9th @ 10:00 am

Cambridge WP – Docker for WordPress Demo: September 11th @ 11:00 am

Learn WP – Using the Navigation Block: September 11th @ 3:00 pm

Portland WP – WordCamp US & WordPress 6.3: September 11th @ 6:00 pm

Learn WP – Using the Navigation Block: September 11th @ 7:00 pm

Internet Marketing: Unlocking the Power of AI & ChatGPT: September 12th @ 10:00 am

Woo News

WooCommerce 8.0.3 Fix Release

  • WooCommerce Blocks has been updated to 10.6.6. This fixes an issue where under certain circumstances cart and checkout pages would incorrectly be replaced with cart and checkout blocks. For complete details, see the release notes for 10.6.6.
  • A performance improvement to fix unnecessary queries related to WooPayments Incentives. #399882

WooCommerce 8.1 RC 1

Since the release of 8.1 Beta 1, the following changes have been made:

  • Fixed positioning of fixed block toolbar in IFrame editor used for product description, to make work with latest WordPress versions. (#39873)
  • Fixed edgecase performance issues around incentives caching. (#39958)

For the complete list of changes in WooCommerce, view the changelog in the readme for this release.

Final Release is scheduled for September 12, 2023

Changes in WooCommerce Core Beta Release Cycle

WooCommerce is making an adjustment to the release cycle of WooCommerce Core Beta. Specifically, shortening the Beta period from two weeks to one week.

Monthly releases will remain on the second Tuesday of every month. The RC period is staying the same at one week. These changes stem from internal adjustments to the release cycle, which aims to streamline the WooCommerce Core development process and ensure timely releases. Thank you for your cooperation in maintaining code quality and facilitating smoother releases.

WooCommerce Blocks 11.0.0 Release Notes

New Product Collection block

“Product Collection is the newest addition to our block library.

Like the Products block, you can choose what criteria affect the list of blocks displayed to shoppers and control the product layout in the list/grid by the various element blocks.

Unlike the Products block, which is a Query loop block variation, this block is a standalone block, enabling us to tailor the block further to better meet the merchant’s needs.

Existing templates with Product blocks will remain unchanged as we haven’t replaced them with Product Collection blocks yet.”

Enhancements

  • Enable Product Collection block. (#10524)
  • Add Product Collection Grid pattern. (#10660)
  • Enable manual migration of Products to Product Collection. (#10655)
  • Footer Patterns > Ensure the “My Account” text has the same font size as the other texts nearby. (#10614)
  • Updated the image format and content width for the Testimonials Single Pattern. (#10600)
  • Product Gallery block: Add Pager block. (#10320)

Bug Fixes

  • Fix UI misalignment of Filter by Price in TT1 theme. (#10732)
  • Refactor block variation registration in product-collection. (#10701)
  • Make View Cart link displayed below the Add to Cart button. (#10675)
  • Store Breadcrumbs block: Fix the icon color when the block is selected in List View. (#10652)
  • Fix the “On sale” badge class. (#10634)
  • Ensure the event dispatched when rendering the empty cart block is done only when it actually renders. (#10619)

Store Editing Snaps: August 14 – 25

“Every couple of weeks, WooCommerce gives an update on all the work being done on WooCommerce Blocks from behind the scenes. Click the link above to see what they have been up to.”

Word News

WordPress 6.3.1 Maintenance Release

“…minor release features 4 bug fixes in Core and 6 bug fixes for the block editor. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement.”

7 big updates coming in WP 6.4

Video by Jamie Marsland with some of his notes shown below

  1. Zoomed Out View in Gutenberg:
  2. Enhancements to the Group Block: Equivalent to the container block in other builders. New features include the ability to add padding, margin, minimum height, and background images.
  3. Font Library Update: Users can now upload their own fonts without plugins. Integration with Google Fonts, embedded directly into the theme.
  4. Native Image Lightboxes: Clicking on an image opens it in full screen within the browser without requiring additional plugins.
  5. Table of Contents Block Improvements: While currently manually added to each post/page, in 6.4 it can be set in a single post template to auto-generate for all posts.
  6. Time to Read Block: Calculates and displays estimated reading time for posts. Enhances user engagement by setting reading expectations.
  7. 2024 Default Theme: A multi-purpose theme that caters to entrepreneurs, photographers, artists, writers, and bloggers.

How to Create a Custom WordPress Search Form (Step by Step)

“WordPress comes with a built-in search feature. However, it doesn’t search all types of content such as comments, product reviews, or custom post types.

This may stop the visitor from finding what they’re looking for, including products they may want to buy on your online store.

You may also want to prioritize some content over others, so that it appears higher in the search results. For example, you may want to show your site’s latest posts at the top of the search results page, or display your most popular WooCommerce products.

With that in mind, let’s see how you can customize the WordPress search form. We cover a lot of ground in this post, so simply use the quick links below to jump straight to the section you want to read.”

Report: AI Will Rule Internet, Social Media w/in 3 Years

“Social media and online content are headed for a major invasion, with a report by Europol indicating that by 2026, artificial intelligence will generate and post the great majority of online content.

Several experts in the field predicted that AI will generate over 90% of online content by 2026…”

Review Signal Publishes 2023 WordPress and WooCommerce Hosting Performance Benchmarks

“Kevin Ohashi from Review Signal has published his 2023 WordPress and WooCommerce hosting performance benchmarks. This is his 10th round of capturing performance data from hosting companies that opt into the testing. Ohashi’s methodology tests two metrics through a variety of methods: peak performance and consistency.

The benchmarks include a LoadStorm test designed to simulate real users visiting the site, logging in, and browsing (uncached performance). They also test cached performance, SSL, WP queries per second, performance on some computational and database operations, and a WebPageTest that fully loads the homepage and records how long it takes from 12 different locations around the world. As part of the consistency testing, Ohashi also measures uptime using HetrixTools and Uptime Robot for a minimum of three months.”

Performant Translations Plugin Now Available on WordPress.org

“After an in-depth performance analysis earlier this year revealed that translations can impact server response times, WordPress contributors proposed half a dozen technical solutions for consideration to improve performance for the ~56% of sites that use translations.

Performant Translations, a feature project by the core Performance Team, is now available as a plugin on WordPress.org. It incorporates some of the proposed solutions and speeds up translations by converting .mo files to .php files, allowing them to be parsed faster and stored in OPcache.

It supports multiple file formats (.mo.php, and .json) and multiple text domains and locales loaded at the same time. Existing .mo files get converted to .php files which are then loaded by WordPress.”

Upon infection, Chaes installs malicious extensions in the victim’s Chrome browser to establish persistence, captures screenshots, steals saved passwords and credit cards, exfiltrates cookies, and intercepts online banking credentials.

“After an accumulation of undisclosed and unpatched vulnerabilities in plugins hosted on WordPress.org, Patchstack has reported 404 plugins to WordPress’ Plugin Review Team.”

“This situation creates a significant risk for the WordPress community, and we decided to take action,” Patchstack researcher Darius Sveikauskas said. “Since these developers have been unreachable, we sent the full list of those 404 vulnerabilities to the plugins review team for processing.”

“As of August 31, 2023, Patchstack reports the following stats associated with these reports to WordPress.org:”

  • 404 vulnerabilities
  • 358 plugins affected
  • 289 plugins (71,53%) – Closed
  • 109 plugins (26,98%) – Patched
  • 6 plugins (1,49%) – Not closed / Not patched
  • Up to 1.6 million active installs affected
  • Average installs per plugin 4984
  • Highest install count 100000 (two plugins)
  • Highest CVSS 9.1
  • Average CVSS 5.8
  • “Oldest” plugin – 13 years since the last update

WordPress migration add-on flaw could lead to data breaches

“All-in-One WP Migration, a popular data migration plugin for WordPress sites with 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to access sensitive site information.”

Forminator WordPress Plugin Vulnerability Affects Up To 400,000+ Websites

“The U.S. Government National Vulnerability Database (NVD) published notice of a critical vulnerability affecting the Forminator WordPress Contact Form plugin up to an including version 1.24.6.

Unauthenticated attackers can upload malicious files to websites which, according to the warning, “may make remote code execution possible.”

The vulnerability score rating is 9.8, on a scale of one to ten, with ten being the most severe vulnerability level.”

“What makes this vulnerability particularly worrisome is that it allows unauthenticated attackers, those with no user level at all, to successfully hack the site.

A second reason why this vulnerability is rated 9.8 on a scale of 1 – 10 (critical) is that the attacker can upload an arbitrary file, which means any kind of file, like a malicious script.”

“According to National Vulnerability Database and the Wordfence WordPress security company, the issue has been addressed in version 1.25.0.”

Free Resources

Whimsical