Welcome
Issue #142
Another week and some more WordPress news for you.
This week we have WordPress updating to version 5.6 with some nice new features like Application Passwords and auto updates to core. We've also got Matt Mullenweg taking the 'State of the Word' address online. Elementor has released their Cloud version so that you don't have to mess around with WordPress setup. WooCommerce purchase MailPoet in a bid to get more service under the Woo umbrella.
There's heaps more, so take a look...
This Week in WordPress
This Week in WordPress
This Week in WordPress #142
Recorded on Monday 14th December. With Nathan Wrigley, Paul Lacey, Sabrina Zeidan and Leo Mindel.
Each week we discuss some of the the stories (from below) which captured our attention. It's like this newsletter but with real people!
If you ever want to join us live you can do that every Monday at 2pm UK time on the WP Builds LIVE page.
wpbuilds.com
WordPress Core
WordPress 5.6 “Simone” Includes New Twenty Twenty-One Theme and Improved Editor
"WordPress 5.6 “Simone,” named in honor of American performer and civil rights activist Nina Simone, was released today and is now available for download. The release was led by an all-women release squad, a first in WordPress history. The new version includes many enhancements for the block editor, accessibility improvements, application password support for the REST API, and a new default theme."
wptavern.com
WordPress 5.6 Introduces a New Risk to Your Site: What to Do
"Application Passwords add functionality, and risk. WordPress 5.6 will come with a new feature that allows external applications to request permission to connect to a site and generate a password specific to that application. Once the application has been granted access, it can perform actions on behalf of a user via the WordPress REST API."
wordfence.com
Five awesome new features in WordPress 5.6
"Today, WordPress 5.6 sees the daylight! This release is chockfull of good stuff, with a new default theme called Twenty Twenty-One, application passwords, loads of editor updates and an automatic update feature. This release was led by an awesome team and they did a really good job. Here’s an overview of some of the best new features in WordPress 5.6!"
yoast.com
Application Passwords: Integration Guide
"WordPress 5.6 will finally see the introduction of a new system for making authenticated requests to various WordPress APIs — Application Passwords."
wordpress.org
'This Week in WordPress' Sponsor
AB Split Test
Want to set up your AB Split test in record time, like a couple of minutes? Use your existing pages and test anything against anything else. Buttons, images, headers, rows... anything. The best part is that it works with Elementor, Beaver Builder and the WordPress Block editor. Check it out and get a free demo at absplittest.com
apsplittest.com
Community
News – State of the Word 2020
"State of the Word is an annual keynote address delivered by the project co-founder, Matt Mullenweg. This year’s keynote will be streamed on Facebook, YouTube, and Twitter on Thursday, Dec 17th, 2020 at 1600 UTC."
wordpress.org
WordPress Community Team Discusses Return to In-Person Events
"As pandemic-weary communities muster the discipline to ride out the next few months under continued restrictions, a new discussion popped up on WordPress.org regarding the return to in-person events. WordPress has canceled all in-person events through the end of the year and 2021 flagship events have already been designated as online-only. Community organizer Angela Jin cited recent successful vaccine trials as a prompt for discussing how WordPress can safely resume in-person events."
wptavern.com
Do you update all-the-sites when there's a WordPress Core update?
I was just curious about what people do when a new WordPress Core update comes around and so I created this poll. It's in the WP Builds Facebook Group if you wanted to add your thoughts. Seems like caution is the most widely used approach.
WP Builds Facebook Group
An Introduction to the WordPress PHP Coding Standards
Coding makes you follow rules – every language has its own syntax to which you have to adhere if you want your code to compile or run. But there is another set of rules, that while isn’t essential for the actual running the code, helps in peripheral parts of coding. These rules are called Coding Standards.
wpshout.com
Plugins / Themes / Blocks
Elementor Cloud | Professional WordPress Website Hosting
"Fully Hosted by Elementor. Elementor Cloud has built-in hosting, providing you with a reliable and seamless site creation experience."
elementor.com
MailPoet Joins WooCommerce
"The MailPoet team is joining WooCommerce – one of the fastest-growing businesses at Automattic! I couldn’t be more delighted with this outcome for our users, the MailPoet team, and MailPoet itself."
mailpoet.com
Twenty Twenty-One: First Look at the New Default WordPress Theme
"Twenty Twenty-One is the brand new WordPress default theme coming with WordPress 5.6. As has been the case for its predecessor, the Twenty Twenty-One WordPress theme continues the minimalist theme design. If you are looking for a great theme to base your own off of, you are in luck."
ithemes.com
Free WordPress Plugin: Disable Application Passwords
"Launching a free plugin to disable the new Application Passwords feature introduced in WordPress version 5.6. The plugin is one line of code. Install and activate to completely disable all of the Application Passwords functionality. To re-enable all Application Passwords, simply deactivate/uninstall the plugin. Easy peasy."
perishablepress.com
EditorPlus 2.4 Released, Builds Upon Its ‘Extend Core Blocks’ System
"On Tuesday of this week, Munir Kamal released version 2.4 of his EditorPlus plugin. Aside from a few bugs and making sure the plugin was compatible with WordPress 5.6, he added an icon selector for the Button block and SVG shape overlays for the Image block. This is on top of a new “Extend Core Blocks” system he added in the previous version."
wptavern.com
UI Kits, Borders & Improved Performance
"Today we’re in the first phase of our UI Kits and added some highly requested features: borders and HTML anchor links. We’ve also greatly increased our plugin’s performance and compatibility with the upcoming WordPress 5.6 update."
wpstackable.com
Security
Critical Vulnerability in Easy WP SMTP WordPress Plugin
There is a password reset vulnerability caused by a data leak from a debug log file in the WordPress plugin Easy WP SMTP. “WP eCommerce” released Easy WP SMTP WordPress plugin version 1.4.3 which patches the easily exploitable and dangerous vulnerability found by NinTechNet. It appears that Easy WP SMTP plugin version 1.4.2 and older versions are vulnerable due to sensitive information disclosure. This plugin has more than 500,000 active installs.
webarxsecurity.com
Reflected XSS in PageLayer Plugin Affects Over 200,000 WordPress Sites
"On November 4, 2020, the Wordfence Threat Intelligence team found two reflected Cross-Site Scripting (XSS) vulnerabilities in PageLayer, a WordPress plugin installed on over 200,000 sites. These vulnerabilities could lead to an attacker executing malicious Javascript in an administrator’s browser, which could lead to takeover of a vulnerable WordPress site."
wordfence.com
WordPress Vulnerability News, December 2020
"WordPress vulnerability news is a weekly digest of highlighted WordPress plugin security vulnerabilities or vulnerability discloses that have been published (there are other, less critical vulnerabilities on smaller plugins that unfortunately don’t make it to the list)."
webarxsecurity.com
WP Builds
Get meaningful feedback about your product or service
DEAL ALERT – Get 10% off Simple Feature Requests, check out the podcast page for details. If you have a product or service, it’s critical that you have a mechanism for users to be able to offer their feedback. That could be comments, but perhaps more importantly you’d like to offer your users a way to help you make the product better. Today we’ve got a WordPress plugin which can do just that… and it’s called Simple Feature Requests.
wpbuilds.com
Not WordPress, but useful anyway…
Wonder – Online events that are fun
"Online gatherings that are fun are better. Wonder is a virtual space where people can meet and talk."
wonder.me
State of CSS 2020 Survey Results: Tailwind CSS Wins Most Adopted Technology, Utility-First CSS on the Rise
"The State of CSS 2020 survey results have just been published, with a summary of the tools, methodologies, frameworks, and libraries that are currently favored by CSS professionals. It includes data from 11,492 respondents in 102 countries, after the questions were translated for the first time into a dozen different languages."
wptavern.com
How to use Google Chrome's hidden tab search feature
"Do you have a tab addiction? On a busy day, it can be pretty easy to accidentally open a few dozen tabs and quickly lose track of the one you need. Luckily, there’s a neat trick that can enable search for tabs in Google Chrome. Here’s how to use it."
9to5google.com