WordPress Digest #38

This bi-weekly serves to inform and enlighten our minds on latest happenings in the sprawling countryside we call WordPress-land. In remembrance of the victims of the Bowling Green Massacre, the compassionate staff behind WP Digest has donated $1000 per victim to The Human Fund.

Release News

  • WP 4.7.2 security release dropped last week and among other things, it fixed a WP_Query sql injection vulnerability from passing unsafe data and an unauthenticated privilege escalation vulnerability in a REST API endpoint. So feel free to update to this version if you value security. Or don’t. I’m not your mother.
  • WP-CLI 1.1.0 was released with a slew of command improvements. Meanwhile, those of us using WPEngine just collectively replied, “whatever.”

Extending WordPress

  • Want to play Big Brother with your WP install? Use the Activity Log plugin to monitor updates, comments, sales…pretty much everything. Go ahead, be a creeper. It’s ok.
  • WC Document Preview is a brand new addon for WooCommerce that promises to provide PDF document previews for digital downloads…think Amazon ebook previews. When I say “brand new” I mean, less than 10 active installs and no reviews. So maybe scan the code before you activate this bad boy.
  • WPEngine rolled out some new dev tools a few days ago, including segmented backup downloads, which should be handy for content-heavy sites.

Grab Bag

This section is changing from WP Drama to Grab Bag and merging with the Misc section. Sometimes it’ll be drama, sometimes it’ll be random news, sometimes it’ll just be a dang meme that tickled my fancy. Life isn’t always about drama. Get over it.

  • Remember back in October all the hullabaloo over Wix using GPL-licensed code from the WP repository? And Wix CEO Avishai Abrahami’s reply that was kind of nonsensical and didn’t address their clear lack of understanding about licensing, while maintaining they did nothing wrong? Well Wix stopped development on the GPL-licensed repos and released their new stuff under a new license that they invented. Because nothing says “I did not cheat” like rewriting the rules.
  • WooCommerce switched their login so now users are required to sign in with a WordPress.com account.
  • Hot on the heels of the Obama Foundation launch, Uncle Joe launched the Biden Foundation, whose website is also backed by WordPress. No word yet on what Worm’s involvement will be.

It’s a weak nation, like a weak person, that must behave with bluster and boasting and rashness and other signs of insecurity.
-Jimmy Carter

Any negative polls are fake news.
Lord Dampnut