Stay ahead in the WordPress world with this week’s top updates, trends, and security alerts. From major plugin vulnerabilities and a rebranded automation tool to rising product prices and core development slowdowns—here’s everything you need to know to stay informed and secure.
What’s Buzzing in WordPress?
Stay informed with the most important updates, trends, and alerts across the WordPress world:
State of WordPress Security Report 2024 Released
WP Content has published its latest security report, showing a big increase in plugin-related issues, especially targeting small business websites. The message is clear: keep plugins updated and clean out unused ones to stay safe. Read the full report
SureTriggers Rebrands Automation Tool as OttoKit
SureTriggers has reintroduced its automation tool under a new name: OttoKit. This smart assistant uses AI to help automate tasks, suggest workflows, and make WordPress site management easier for users of all skill levels. Explore OttoKit
Developer Updates – March 2025 Recap
The WordPress Developer Blog shared key updates for March, including better performance tools, progress on block hooks, and early work on the new Interactivity API, all aimed at making WordPress faster and more flexible. See what’s new
Backup Plugin Vulnerability Affects 5 Million Sites
A dangerous security flaw in the All-in-One WP Migration plugin puts over 5 million sites at risk. Hackers can use it to break into websites and take full control. Site owners using this plugin should update immediately. Read the report
Is Google Marking Your Site as ‘Not Secure’?
WPBeginner explains why your WordPress site might show a “Not Secure” warning in browsers—and how to fix it. The guide covers SSL certificates, HTTPS, and tips to keep your visitors’ trust. Fix your SSL issue
WordPress Core Development Slows Due to Contributor Cuts
Fewer people are contributing to WordPress core lately, especially from major companies like Automattic. This slowdown is already affecting release timelines and raising concerns about the future pace of innovation. Read more
Rising WordPress Product Prices Spark Debate
A recent blog by Gaurav Tiwari explores how price increases for themes, plugins, and tools are putting pressure on freelancers and agencies. Many are now rethinking which tools are worth the cost. Check the analysis
What Happens If You’re Banned from WordPress.org?
A personal story from Progress Planner reveals the real cost of being banned from the WordPress.org ecosystem—less visibility, traffic loss, and no access to plugin updates. It’s a must-read for anyone building products for WordPress. Read the full story
50,000+ WordPress Sites at Risk from Unpatched Plugin
Security experts have found a serious issue in a widely used plugin that could let hackers run malicious code. Over 50,000 sites are affected. Check your plugins and update right away. Read the report
Automattic Cuts 16% of Staff Amid Legal and Market Pressures
Automattic, the company behind WordPress.com, has laid off 16% of its team. The decision comes during a period of legal trouble and market changes, affecting teams across several departments. Full story
‘Dollyway’ Malware Campaign Hits 20,000 WordPress Sites
A new malware attack named “Dollyway” has infected over 20,000 WordPress websites. The malware redirects visitors to scam sites and steals user data. Clean your site and update all themes/plugins to stay safe. Read more
Hackers Using MU Plugins to Hide Backdoors
Attackers are now using must-use (MU) plugins in WordPress to quietly install backdoors that stay hidden, even after most cleanups. These sneaky methods highlight the need for advanced security monitoring. Security advisory
Kinsta Launches Auto Plugin Updates for Easier Site Management
Managed hosting company Kinsta now provides automatic plugin updates, helping site owners keep everything secure and up to date with less hassle. You can still choose which plugins update automatically. Read the announcement
Mullenweg Considers Slowing WordPress Release Cycle Until 2027
To deal with shrinking contributor teams, WordPress co-founder Matt Mullenweg may slow down the major release schedule through 2027. This change would focus on building a more stable foundation for the platform’s future. Explore the discussion
Spotlight Picks:
Omnisend – Email & SMS Marketing So Good, It’s Boring
Omnisend automates email and SMS marketing with pre-built workflows, segmentation, and AI-driven insights. Perfect for eCommerce stores and marketers looking to boost engagement and conversions.
Kinsta – Managed Hosting for WordPress
Kinsta offers fast, secure, and feature-rich managed hosting for WordPress websites and agencies worldwide. Built for performance, security, and scalability, Kinsta is an extension of your business.
Kalium – Build Beautiful WordPress Sites Fast and Easy
Create stunning websites effortlessly with Kalium, the 5-star rated WordPress theme trusted by 47,058+ users. Ideal for businesses of all types looking for a fast and beautiful solution.
WP Engine – WordPress Hosting for Growing Businesses
WP Engine offers world-class managed WordPress hosting, built for scaling businesses. With exceptional performance and innovative tools, WP Engine helps unlock your next stage of growth.
Fresh Features Rollout
Stay updated with the latest WordPress enhancements and features rollout:
- WPForms Launches AI Calculations
Say goodbye to complex formula syntax! WPForms’ new AI Calculations feature lets you create powerful form formulas by simply describing them in plain English. From dynamic pricing to tuition fees, the AI assistant builds accurate formulas in seconds—perfect for eCommerce, event planning, real estate, and more. Check out AI Calculations - AIOSEO 4.8.0: Take Control of Crawling & Indexing
The new update gives you full control over crawlability with tools to clean up internal search URLs, block unwanted bots, and fix duplicate tracking links—boosting site speed and SEO in one go. Explore AIOSEO 4.8.0 Features - Stay Compliant & Sell Smarter with WP Simple Pay
New features alert! Get Stripe alerts inside WordPress, set required fees/add-ons, and cap payments with custom limits. Stay compliant and boost revenue—no Stripe logins needed. Update Now - WPConsent: Easy Cookie Management
Manage cookie consent effortlessly with WPConsent! Automatically scan for cookies, block scripts until consent is given, and customize banners without coding. Use geolocation for targeted banners and add a cookie policy page with ease. Explore Now - LatePoint 5.1.92 Update
The latest LatePoint update brings fixes for MariaDB database issues when bookings are made without cart items. Additionally, auto search has been improved—if disabled, it no longer starts searching for available dates. Learn More - ZipWP Now Supports Elementor!
You asked, and we listened! Elementor is now fully integrated with ZipWP. Simply choose Elementor on the “Select Design” screen, and ZipWP will set up your site. Then, customize it easily with Elementor.
This is a beta release, and more Elementor-based designs are coming soon. Start Building Now! - Global Sponsorship Dream Team for 2025!
Bluehost and Kinsta join Automattic, A2 Hosting, and Woo to complete our WordPress sponsorship lineup for 2025. Their support powers WordCamps and Meetups worldwide, fueling innovation and community growth. Learn More
Core Updates & Essentials
- What’s new in WordPress 6.8
WordPress 6.8 enhances security with bcrypt password hashing, improves performance with asynchronous Interactivity API updates, streamlines block registration, updates UI components, and introduces several developer-focused optimizations for better site performance. Read More - WordPress 6.8 Beta 3 Now Available!
WordPress 6.8 Beta 3 is here for testing! It’s packed with fixes and improvements, including 3 editor updates and 16 core fixes. Test it on a non-production site to help refine the final release. Start testing WordPress 6.8 Beta 3 today!
Fresh Releases
- Yo Booking – Streamline Your Appointment Scheduling
Yo Booking is an intuitive WordPress solution for managing appointments. Perfect for service-based businesses like salons, clinics, or consultancies, it simplifies the booking process for both admins and clients. Try Now!
Exclusive Deals Digest
- IndependentWP: Save 44%. Grab the deal
- Kinsta: First month free + save $70 annually. Try now
- Bit-Flows: Early Bird Lifetime $149–$499. Get yours now
- 20i: Managed WordPress Hosting from $10.99/mo. Start today
- MySites.Guru: £19.99/month for unlimited sites. Sign up now
- A2 Hosting: Save up to 76%. Plans from $2.99/mo. Get started
- SureTriggers: Save 33% on lifetime. Claim now
For lifetime deals visit here 👉 WordPress Lifetime Deals
Mark Your Calendar
If you’re looking for opportunities to network and learn, check out these upcoming WordPress events and meetups:
- DE{CODE} (Apr 15, 2025)
- Clean Architecture Masterclass (May 12-15, 2025)
- WordCamp Lisboa (May 16-17, 2025)
- WordCamp Leipzig (May 16,-17, 2025)
- WordCamp Johor Bahru (May 17, 2025)
- The Principal Dev – Masterclass for Tech Leads (May 22-23, 2025)
- Clean Code: The Next Level (Jun 5-6, 2025)
- WordCamp Europe (June 5-7, 2025)
- WordCamp US (August 26-29th, 2025)
- WordCamp Asia (2026)
That’s a wrap for this week’s WPDigest! Stay tuned for more exciting WordPress updates next week.
📩 Enjoyed this digest? Share it with your network!
