📆 This is the March 2024 edition of “This Month in WordPress with CodeinWP.”
Howdy, WordPress fans!
We are back with the latest edition of our monthly WordPress news roundup, covering all the biggest WordPress news and events from the past 30 days or so.
In some of the largest news from the past month, the results are out for the 2023 WordPress Annual Survey, which provides some interesting insights into the state of the WordPress community. We also got our first look at some of the betas for WordPress 6.5, which will be officially released in late March.
Beyond that, someone forked the popular Nginx web server, WP Fusion published an interesting 2023 roundup, the WP Tavern is alive again, and there were some high-severity vulnerabilities in a number of popular plugins.
Let’s get to all of the WordPress news from the past month…
March 2024 WordPress News with CodeinWP
The 2023 WordPress Annual Survey results are out
Every year, WordPress runs an annual survey to connect with the WordPress community and see how people are feeling.
On February 14th, we got a look at the final results for the 2023 WordPress Annual Survey…and things are a bit mixed, with a good amount of frustration over the Site Editor:
- 3,922 people filled out the survey. This is more than 2022 (3,357 responses) but less than 2021 (7,710 responses). The goal for this year had been to achieve more than 7,000 responses, so the survey fell short in that respect.
- WordPress’s Net Promoter Score (a general measure of customer happiness/loyalty) is down for the second year straight. In 2021, it was 45. In 2023, it’s down to 27.9 for contributors and 32 for non-contributors.
- 63% of respondents said that WordPress is better than other CMSs, which is down from 68% in the previous year’s survey.
- 45% of respondents agreed that the Site Editor meets their needs, while 29% disagreed and 26% were indifferent.
- When asked to name the three best things about WordPress, the following saw the biggest decrease versus previous years – “ease of use,” “flexibility,” “cost,” and “block themes.”
Personally, I have yet to start using the Site Editor for any of my projects. While I recognize that it has some advantages, it also still feels clunky to me, especially around things like navigation menus and sidebars. So far, I don’t feel like the Site Editor will help me build websites better and/or faster, which is why I haven’t adopted it.
At the same time, so much WordPress development focus has been on the Site Editor, to the point that WordPress feels a bit static if you’re not using the Site Editor. Given that, I can understand where people’s frustrations are coming from.
Based on the frustrations expressed in the annual survey, it’s perhaps not a huge surprise that WordPress’s market share seems to have peaked. After years of constantly moving upwards, WordPress seems to be stuck at around 43% of the CMS market. It first achieved that number in January 2022, and it’s still around that number more than two years later.
Don’t get me wrong – that market share is still incredibly dominant. But after years of WordPress being the one moving up, it’s worth noting that that growth seems to have shifted to other platforms like Wix, which had a 1.9% share in 2022 that has grown to 2.6% today.
If you want to dig into the results yourself, here are some helpful links:
WordPress 6.5 beta is out
In February, we got our first look at the WordPress 6.5 release with multiple beta releases.
Work on WordPress 6.5 began in late 2023 and is currently scheduled for live release at the end of March (March 26, to be specific).
The first beta – WordPress 6.5 Beta 1 – was released on February 13. It introduced a number of new features and enhancements that you’re free to start testing:
- Font Library – you’ll finally be able to access the new Font Library feature that had originally been scheduled for WordPress 6.4 (before getting pushed back to 6.5).
- Improvements to synced patterns – you’ll have more control over synced patterns, including being able to more easily override certain parts of the pattern.
- Limited dynamic content support – you’ll be able to connect core block attributes to custom fields. If you want more advanced support for dynamic content in blocks, check out the free dynamic content feature in Otter Blocks (we have an Otter Blocks review here).
- Interactivity API in core – this is a framework for developers that offers a standardized way to bring interactive front-end experiences to blocks.
As always, you should never update to these beta releases on a live production website. However, it is worth playing around with them before their release so that you know what’s coming. You can easily set up a safe testing ground using services like InstaWP or TasteWP.
There will also be multiple WordPress 6.5 Release Candidate versions in March, which will give you an opportunity to test a more polished version of the update.
As a nice added bonus for testing things out, vulnerability bounties are doubled between the release of WordPress 6.5 Beta 2 (February 20) and the final Release Candidate (scheduled for March 19).
Check out interesting internet stats for 2024
This past month, we’ve published a number of statistics roundups for various areas of the internet.
For example, did you know that over 5.3 billion people worldwide are using the internet? Just a few years ago, that number was closer to 4 billion, which is a pretty big jump.
I didn’t know the internet had grown so much over the past couple of years, but now I do!
If you’re interested in learning more about different areas of the internet, you can check out these posts:
You may also be interested in:
A detailed look at running a WordPress business – WP Fusion 2023 year in review
Personally, I always think it’s super interesting to see the numbers and behind-the-scenes details of running a WordPress business. That’s why I always love when business owners publish detailed year-in-review posts, like this 2023 year-in-review post from WP Fusion.
If you’re not familiar with WP Fusion, it basically helps you connect your WordPress site to your email marketing service or customer relationship manager (CRM) and implement all sorts of interesting automations/data syncing.
In the post, Jack (the owner) shares a lot of details about running the business, including hard revenue numbers – WP Fusion generates about $800,000 per year in overall revenue.
I also found it interesting to see other revenue numbers. For example, WP Fusion had to deal with about $45,500 in refunds alongside that $800,000 in revenue, which is pretty sizable.
The average subscriber lifetime value is also $1,172, which is a number that a lot of WordPress businesses would love to have. I’m guessing that this is because of the “sticky” nature of WP Fusion’s offering, as users will heavily integrate its automations into their business workflows.
Beyond the money details, Jack also shares lots of other interesting numbers, such as which integrations saw the biggest growth, the number of support tickets, and some general reflections.
Overall, if you’re running a WordPress business or just generally interested in the behind-the-scenes of running a WordPress business, I think that this one is a great read.
Nginx developer quits and forks Nginx
This one isn’t WordPress-specific, but it could affect the WordPress hosting landscape because of how many WordPress hosting services use Nginx as a hosting server and/or reverse proxy.
In 2019, Nginx Inc. was acquired by F5, a large American technology company based in Seattle.
Fast-forward to February 2024 and Maxim Dounin, a Russian developer who has been contributing to Nginx for free after F5 ceased operating in Russia, said that he “no longer [sees] Nginx as a free and open source project developed and maintained for the public good” because of the changes that F5 has made.
As a result of that, Maxim has forked Nginx and created Freenginx, “which is going to be run by developers, and not corporate entities.”
If you want to learn more, Ars Technica has a detailed post about the topic, and Adam Silver also recently covered it at WP Tavern.
It remains to be seen whether the Freenginx project will be viable or not. But if Freenginx does pick up steam, it could affect the hosting industry.
In his post at WP Tavern, Adam had this to say about how some hosts are approaching it:
In speaking with some of my contacts at a variety of WordPress hosting companies, the overall sentiment was both a wait-and-see approach along with some light concern and trepidation.
The WP Tavern is alive again
Last month, I included a news item about how the WP Tavern blog seemed to have fallen silent, with no news on any potential new hires.
I’m happy to report that the situation now seems to have changed.
On February 7th, Matt Mullenweg posted that he had shortlisted seven candidates to do a two-week trial at WP Tavern. During that two-week trial, the candidates will have full posting access on WP Tavern and “can participate however they like.”
After the two-week trial period, Matt will decide on two candidates to receive full-time employment offers from Audrey Capital (which covers the costs for WP Tavern).
James, one of the trial participants, also published a post describing the process in a little more detail.
Matt also mentioned that he wants to set up “some fair and transparent system for freelancers to contribute to the site as well.”
All that to say, we should start seeing more regular content at WP Tavern soon.
Clearly, my mention in last month’s news roundup made all the difference. That’s a joke.
The WordPress Foundation publishes its 2023 report
If you’re not familiar with the behind-the-scenes structure of WordPress, The WordPress Foundation is the non-profit that holds the trademark for WordPress.
Prior to 2010, the for-profit Automattic company held the trademark before transferring it to The WordPress Foundation.
In addition to serving as a non-profit home for the trademark, The WordPress Foundation also plays a role in a lot of in-person events.
In February, The WordPress Foundation published its annual report for 2023, which largely focuses on the WordPress meetups and WordCamps taking place in 2023.
If you want to check out the report, you can view it here – it’s quite short, so don’t worry about needing to invest a lot of time to read it.
Registration open for WP Engine’s DE{CODE} developer conference
While on the topic of conferences, let’s talk about a WordPress conference that isn’t a WordCamp – DE{CODE}.
Recently, WP Engine opened up registrations for DE{CODE} 2024, its virtual developer conference.
The conference will take place on March 19th and 21st and explore various topics, such as:
- The next generation of WordPress
- How to improve your workflows as a developer
- Emerging technologies that will affect how you work, such as AI
In total, there will be four breakout tracks:
- Perform 🎭
- Maximize 📈
- Monetize 💰
- Innovate 💡
In addition to the event listing page, you can also check out a blog post about the open registrations here.
If you can’t attend live, all of the presentations will also be available on YouTube after the conference finishes.
Are you a photographer? You can contribute at WordCamp Europe
WordCamp Europe 2024 is scheduled to run from June 13–15 in Torino, Italy.
In February, the WordCamp Europe team put out a call for volunteer photographers to help “capture as much of the 3-day event as possible.”
If you’re a photographer (and/or a photo editor) and you’d like to contribute to making WordCamp Europe 2024 a success, you can learn more about contributing your photography skills here.
Some WordPress plugin vulnerabilities from the past month
This past month saw some vulnerabilities in a number of popular WordPress extensions.
To finish out our news roundup, let’s do a rapid-fire rundown of some of the most notable vulnerabilities from the past month:
- Bricks Builder – publicly published on February 13 – there was a critical vulnerability that was being actively exploited, rated 9.8/10 on the Common Vulnerability Scoring System (CVSS). It’s been patched in version 1.8.6.1.
- MasterStudy LMS – publicly published on February 16 – there was a critical vulnerability (also rated 9.8/10). It’s been patched in version 3.2.6. All versions prior to that (3.2.5 and under) are affected by the vulnerability.
- SeedProd – publicly published on January 31 – there was a high-severity vulnerability that affected all versions up to and including 6.15.21. The problem was fixed in version 6.15.22, but that version also introduced a bug, so you should make sure that you’re using at least version 6.15.23.
- Backuply – publicly published on February 8 – there was a high-severity vulnerability that made it possible for malicious actors to easily create a Denial of Service attack to crash sites by overwhelming server resources. The problem was fixed in version 1.2.6.
- WP Recipe Maker – publicly published on February 7 – there was a high-severity vulnerability that would allow users with the Subscriber role and above to run SQL injection attacks. This was fixed in version 9.2.0.
- Elementor – publicly published on February 7 – there was a high-severity vulnerability that would allow users with the Contributor role and above to delete arbitrary files and inject PHP objects. This was fixed in version 3.19.1.
The respective developers have already patched all of these vulnerabilities. However, if you’re using one of these extensions, you’ll want to make sure that you update ASAP. These vulnerabilities are also not the only ones from the past month. If you want to keep on top of vulnerabilities in the WordPress space, the Wordfence Intelligence Vulnerability Database is a great place to start.
That sums up our March 2024 WordPress news roundup. Anything we missed?
…
Don’t forget to join our crash course on speeding up your WordPress site. Learn more below:
Layout and presentation by Karol K.
Or start the conversation in our Facebook group for WordPress professionals. Find answers, share tips, and get help from other WordPress experts. Join now (it’s free)!
