WordPress News December 9, 2022
WordPress contains many vulnerabilities in releases prior to 6.0.3
The US government is warning of various data loss threats affecting the popular (CMS) WordPress.
A security release has been released to address vulnerabilities found in previous versions. All versions of WordPress have been updated from 3.7.
Several types of vulnerabilities have been identified that affect this platform, including one known as cross-site scripting, also known as XSS.
Typically, this type of attack becomes possible when a web application poorly checks and filters the data entered into the form fields by the user or uploaded files to the site, such as photos and videos.
Another discovered threat for sites developed on the well-known WordPress platform is Stored XSS is more dangerous than the previous one. It is stored on the site itself and is executed when the user logs into the personal account, transferring data to the attacker.
What actions need to be taken to solve this problem? It is recommended that you immediately update your version of WordPress to the latest version.
WordPress performance improvements in the release 6.1
Many WordPress site owners have been waiting for this a long time.
The main performance gain came from WP_Query caching in the database. This means that when a visitor requests a page, only one database request will be made, after which the same page will be given to other users, but from the fast cache, until the data on this page is changed.
New website health check
Added two website health checks (Persistent Object Cache and Page Cache). These checks are designed to work in (production) environment only.
The first determines whether the site uses a persistent object cache, and will only recommend it if it makes sense. Special filters are provided to help hosting providers choose the most appropriate steps to optimize in their environment.
The second checks if the site is using full page caching and if the response time is acceptable. Also adds the necessary filters to customize the response limit and the ability to add custom cache headers to discover.
Added new templates to improve the work of authors
With these new and improved templates, authors now have near-total control over the creation of their sites. The set includes new tools such as editing headers and footers, a new find and replace tool. Well-designed and user-friendly management tools structure the layout of your new site making the process intuitive.
Configurable one-click lock for inner blocks
The new toggle makes it easy to apply the current lock settings to all blocks inside the main block, such as covers, groups, and columns.
Gutenberg now more flexible in editing
The most interesting is the new feature that makes easier to view the individual parts of the template and insert them from the block. Mainly intended for template designers and developers, this option makes it easy for users to select different options and inserts.
The template search component is the addition of a search function and the use of specific parts of a template.
Multiple accessibility improvements, adding tooltips and a Toggle block insert button.
Global style switcher.
Now you can enable several preset styles and instantly change the appearance of almost any page, achieving the maximum desired result.
You can always count on our help by contacting us through the contact form.