From stealthy malware attacks and plugin vulnerabilities to powerful new tools and fresh themes, this digest brings you everything you need to stay informed, secure, and ahead in the WordPress ecosystem.
Kinsta â High-Performance Hosting for WordPress
Trusted by 120,000+ businesses, Kinsta delivers high-performance, secure hosting for WordPress sites of all sizes. Built on Google Cloudâs Premium Tier with the fastest C2 and C3D servers and 37+ global data centers, Kinsta ensures your site loads fast, anywhere in the world. . Explore Kinsta Hosting.
SERP Forge – SEO That Gets You Found
Struggling to rank? SERP Forge helps WordPress brands skyrocket to the top with battle-tested SEO and content marketing strategies. More traffic, more conversions – without the guesswork. Know more.
â Brought to you with support from these partners
đĄ WordPress Spotlight
- WPBeginner Turns 16 â Milestone Celebration & Giveaway
WPBeginner is celebrating its 16th birthday! Founder Syed Balkhi reflects on the journey from a simple tutorial site to a global hub for WordPress beginners and entrepreneurs. To mark the milestone, theyâre running a massive giveawayâ87 winners will share in over $20,000 worth of WordPress tools and plugins. (Source) - How Medicai Scaled 10x with Ahrefs
Healthcare startup Medicai used Ahrefs SEO tools to skyrocket their organic trafficâfrom stagnant rates to 10Ă growth, particularly targeting users searching for terms like âfree online CT viewerâ and clinic services. This case study is a great example of how niche B2B sites can leverage well-planned SEO strategies to win highly-specific leads. (Source) - Divi 5 Introduces âRelative Colorsâ with HSL Support
Diviâs newest update brings a major improvement to design flexibility: a rebuilt color picker that uses HSL (Hue, Saturation, Lightness) and supports âRelative Colorsâ, letting you create color variants that dynamically adjust based on a base palette. This feature enables brand-wide color consistency and powerful design controlâwithout writing any code.(Source) - WordPress Developer Blog Needs You!
The official WordPress Developer Blog is inviting new writersâespecially those interested in block editor topics, patterns, templates, or APIs. No prior experience needed!
To get involved, join the Make Core Slack channel, attend the monthly editorial meetings (first Thursday at 15:00 UTC), and follow the writing guidelines. This is a great chance to share your knowledge and contribute to the WordPress developer community. (Source) - WP Accessibility Day Project Goes Global
WP Accessibility Day is translating its website into multiple languages to broaden its reach and support inclusive web design worldwide.
The initiative welcomes volunteer translators to help make accessibility resources easier to find and useâsupporting international WordPress users in building more inclusive sites. (Source) - Malware Found in Gravity Forms Plugin (Manual Install Only)
Security researchers discovered that the Gravity Forms plugin versions 2.9.11.1 and 2.9.12, downloaded manually during July 10â11, contained hidden malware. The malicious code could steal data, create admin backdoors, block updates, and run remote commands on infected sites. (Source) - Introducing WordPressâŻCredits: A New Internship Program for Students
The WordPress Foundation has launched WordPressâŻCredits, an internship-style program aimed at university students from any field of study. The pilot â in partnership with the University of Pisa â began at WordCamp Europe 2025. Students get structured training, mentor guidance, and hands-on projects working directly within the WordPress open-source ecosystem. Universities, companies, and sponsors are encouraged to join the initiative. (Source) - KimâŻParsell Memorial Scholarship Now Open for WCUSâŻ2025
The WordPress Foundation is offering one scholarship to a woman contributor who has never attended WordCamp US before. The award covers travel to WordCamp US 2025 in Portland and honors Kim Parsellâs legacy. Applications close JulyâŻ25,âŻ2025, with the recipient notified by August 7. (Source) - WordPress Still Dominates with Over 518 Million Sites
According to recent data from DesignRush, WordPress now powers more than 518 million websites, capturing 61% of the CMS market and around 43% of all websites on the internet. The platform remains far ahead of competitors like Shopify (6.7%) and Wix (5.4%). WordPress also drives massive content: over 70 million posts and 77 million comments monthly, seen by 409 million people across 20 billion pages each month. (Source) - Forminator Plugin Vulnerability Puts 600,000+ Sites at Risk
The popular Forminator plugin (up to version 1.44.2) has a critical, high-severity flaw (CVE-2025-6463, CVSS score 8.8) that allows unauthenticated attackers to delete any fileâpotentially taking over WordPress sites. Security firm Wordfence and others urge immediate updates to patch the issue. (Source) - WooCommerce Official Block Theme Coming Soon
The WooCommerce team is preparing to release its first official full-site block themeâfully compatible with WordPress block editor and optimized for store performance. Developers can expect its official release on July 7, 2025, aligning with WooCommerce 10.0. The theme is open-source, inviting community feedback and customization. (Source) - Fake Spam Plugin Hides in WordPress to Bypass Detection
Security firm Sucuri discovered a clever malware plugin that impersonates a siteâs own domain. It remains hidden by showing clean content to users while injecting spam (like pharma ads) to search engines via a remote command server. This kind of cloaking makes detection hard and highlights the need for thorough plugin reviews. (Source) - DeepSeek Banned in Germany Over Data Transfer Concerns
German regulators have asked Apple and Google to remove the DeepSeek AI chatbot from their app stores, citing its illegal transfer of German user data to Chinaâviolating EU GDPR rules. This move adds to previous actions by Italy and other EU countries scrutinizing DeepSeekâs data handling. (Source) - Cloudflareâs PayâPerâCrawl Sparks SEO Storm
Cloudflare now blocks AI crawlers by default on new domains and lets site owners charge bots per crawlâa move thatâs igniting debate in the SEO community. Proponents say it’s fair compensation for scraped content; critics worry it could reduce AI-driven visibility and cause confusion. Publishers should carefully consider their options. (Source) - Automattic Puts Tumblr Migration on Hold
Automattic CEO Matt Mullenweg confirmed on The Vergeâs Decoder podcast that the project to migrate Tumblr into the WordPress platformâincluding its integration with the fediverseâis now indefinitely paused. The focus has shifted to user-facing improvements while Tumblr explores its own path forward. (Source) - Group.one to Acquire SocialPilot
group.one (previously one.com) announced an agreement to acquire SocialPilot, a social media management SaaS used by agencies and SMBs since 2014. This move expands group.oneâs portfolio, allowing it to offer a comprehensive suite of marketing and social tools. (Source) - Make.WordPress.org âPlugins Teamâ Gets a Name Upgrade
The WordPress Plugin Review Team has officially rebranded itself as the Plugins Team to better reflect its broader role in developer support, tooling, and directory improvementsânot just review tasks. The change will be rolled out across WordPress.org soon. (Source) - Vulnerability disclosure programs (VDPs)
Oliver Sild is publicly criticizing Wordfence for allegedly disregarding vulnerability disclosure programs (VDPs) that plugin developers have set up via Patchstack. He points out that Wordfence is now asking those same developers to sign up for their own disclosure system and modify their existing VDPsâraising ethical concerns within the WordPress security community. (Source) - Over 4.6 million online stores are powered by WooCommerce!
From solo entrepreneurs to large enterprises, WooCommerce offers the freedom and flexibility to build and grow on your own termsâwith full ownership of your store and data. (Source) - Milestone Alert: 1 Million Downloads!
Amelia, the popular appointment booking plugin, has officially crossed 1 million downloads on WordPress.org! đ The Amelia team extends heartfelt thanks to their community for the support, feedback, and trust that helped shape the product. (Source)
đˇď¸ Exclusive Deals Digest
Unlock incredible lifetime deals on the best WordPress tools and services, saving you money while enhancing your website. Donât miss out on exclusive offers that can transform your WordPress experience.
⨠Fresh Features Rollout
- Gutenberg 21.1: Smarter Icons & UI Tweaks
Gutenberg 21.1 introduces custom icon support for the Social Links block and continues refining block settings with the updated ToolsPanel UI. The Interactivity API gets performance updates, and several bugs have been squashed for a smoother editing experience.(Source) - Finix for WooCommerce 1.3.0: Power-Up Your Checkout
Finix has launched its official WooCommerce plugin (v1.3.0) to simplify fast, flexible, and secure payment processing. Now supporting Google Pay, $CAD payments, and improved performance, the plugin lets merchants accept cards, ACH, and Apple Payâright out of the box. With support for both classic and block-based checkout, real-time webhooks, dispute handling, and an easy setup process, Finix is perfect for both new stores and growing brands. (Source) - BuddyBoss App Gets Multilingual Support
Say hello to global growth with the new Multilingual Support feature in the BuddyBoss App. Now available on all licenses at no extra cost, it lets members choose their preferred language (20+ supported), detects phone language automatically, and offers seamless in-app switching. Easily manage translations via CSV or WPMLâs AI-powered services. Whether you’re expanding into regulated markets or building an inclusive global community, this update helps every member feel at home. (Source) - EasyCommerce 1.0.3: Bug Fixes & Smoother Addons Flow
The AI-powered EasyCommerce plugin for WordPress just rolled out version 1.0.3. This update squashes bugs like faulty currency switching, incorrect stock messages, and disabled cart buttons. It also improves image data handling, refines the addons installation flow, and adds a new slug field in product settings. A solid step toward making WooCommerce alternatives even faster and smarter. (Source) - FluentCommunity 1.7.72: Minor Fixes, Better Search & Course Schema
FluentCommunity’s latest update (v1.7.72) brings small but meaningful improvements. New features include Course Schema for SEO, better search indexing, and enhanced mobile responsiveness. It also improves translation strings and handling of blocked profiles. (Source) - WPConsent 1.0.8: Privacy Update
WPConsent 1.0.8 brings powerful privacy updates, including a new Do Not Track addon that lets users easily submit opt-out requests via a dedicated pageâno coding required. All requests are stored locally with export options for compliance. You can now allow consent toggles by individual services (like Google Analytics or YouTube) instead of broad categories, giving users more control and improving trust. Plus, a new floating settings button lets users manage their preferences even after dismissing the cookie banner. A solid step forward for transparency and GDPR/CCPA compliance. (Source) - Search & Replace Everything 1.0.8: Easy Image Replacement & Media Filtering
Search & Replace Everything 1.0.8 lets you effortlessly replace images with different file extensions across your WordPress site, such as swapping JPEGs for faster WEBP filesâwithout manually updating every page. The update also adds filters in the Media Library to quickly find used and unused images, making cleanup simple. These features save time, improve site speed, and reduce developer dependence. Try the latest version to streamline your image management and boost performance. (Source)
đ Fresh Releases
- AI Alt Writer â Effortless AI-Generated Alt Text for WordPress Images
AI Alt Writer uses advanced AI to automatically generate alt text for your WordPress images, improving accessibility and SEO with no manual work. It works seamlessly with your media library for both new and existing images. Affordable plans start at $19, making it ideal for bloggers, developers, and agencies who want smarter, faster, and more inclusive websites. (Source) - Charitable Donor Management System!
Weâre excited to launch the new Donor Management System in Charitable Pro, your all-in-one tool to easily manage donors and track donations right from WordPress. Quickly access donor profiles, view giving history, generate reports, and handle both online and offline donations with ease. Streamline your fundraising and give donors a seamless experience with their own dashboard to manage contributions and receipts. Available now with Charitable Pro simply update your plugin and get started today! (Source) - AI Consigliere: GPT-Powered Taxonomy Auditor for WordPress
AI Consigliere is a developer tool that connects your WordPress admin to the OpenAI API, helping you audit and improve your siteâs taxonomy terms using GPT-4 language analysis. It features admin-only access, an easy API key setup, taxonomy selection UI, and AJAX-based requests. The plugin sends taxonomy data to OpenAI servers for processing but stores no data locally. Users must provide their own OpenAI API key and comply with OpenAIâs terms and cover API costs. (Source) - AI Database Optimizer: Smart, Safe WordPress Optimization
AI Database Optimizer uses AI to analyze and optimize your WordPress database for better speed and efficiency. It creates automatic backups before each run, offers smart indexing, scheduled optimizations, real-time monitoring, and detailed reports. All backups are securely stored locally, with easy restore options. No visitor data is collected or sent outside your site, ensuring privacy and safety. (Source) - Advanced Download Box: Stylish, Flexible Download Links
Advanced Download Box lets you create professional, customizable download boxes for any post or page. Customize colors, typography, icons, and layout to match your siteâs design. Add multiple download links with titles, descriptions, and file sizes. You can restrict downloads to logged-in users and display boxes automatically or via shortcode. The plugin is SEO-friendly, easy to manage with a clean admin interface, and built with security and performance best practices. (Source)
đď¸ Mark Your Calendar
If youâre looking for opportunities to network and learn, check out these upcoming WordPress events and meetups:
- WordCamp US (August 26-29th, 2025)
- WordCamp Bengaluru (August 31th, 2025)
- WordCamp Canada (October 16-17, 2025)
- WordCamp San Jose (October 31, 2025)
- WordCamp Kansai (November 1-2, 2025)
- WordCamp Athens (November 8, 2025)
- WordCamp Europe (Poland, June 4-6, 2026)
- WordCamp Asia (Mumbai, 2026)
Thatâs a wrap for this weekâs WPDigest! Stay tuned for more exciting WordPress updates next week.
Want to feature your WordPress product, service, or update news? Submit it for free using our form, helping spread the goodness of WordPress!
đŠ Enjoyed this digest? Share it with your network!
