Preying on WordPress Plugins
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Preying on WordPress Plugins
It's Episode 565 and we have plugins for Clock Toc, Twitt Graph, Twitt Cards, Sugar Lite, Event Prime, Registering with vCita… and ClassicPress Options. It's all coming up on WordPress Plugins A-Z!
Clock Tik Tik, Open Graph and Twitter Card Tags, JM Twitter Cards, Simple Event Management – Sugar Calendar (Lite), EventPrime – Online Events Calendar, Bookings and Tickets, Event Registration Calendar By vcita……. and ClassicPress options on Episode 565.
John's Intro:
This is a value for value show and I look forward to everyone providing some value back.
Before I get started, you will want to hang around to the end of the show for our Q & A segment with Amber…. and to those listening on the podcast, you may want to check out the YouTube version which has some great discussions before the show starts…
Amber's Rant:
This is #24 of 52 episodes for 2022!
It seems that the warmth has arrived here on the West Coast finally! Although it's really wet… I don't think I have ever really experienced more than a short sprinkling at a time of warm rain here on the Island, but we have had a lot of it recently! Kinda cool!
I hope everyone out there is remembering to get outside, rain or shine, to at least get a little exercise! Get out there and be totally silly with the kids or your friends, stomp in puddles like when you were a kid – believe it or not, it's absolutely exhilarating and as much fun as playing DND! Also, nothing raises your spirits like being a kid for a while.
Go be a kid.
We have some news from the world of WordPress for you today as well as some great plugins.
News this week:
WordPress Vulnerability Report – June 8, 2022 – Great long list of fixes for plugins this week! For the vulnerable plugins, there is also, unfortunately, a long list. A few that caught my eye are: MailPress, WP Sentry, Tiny Contact Form, Social Share Buttons by Supsystic, Mini Oranges Limit Login Attempts and their Malware Scanner – there are a lot. And I know I recognize quite a few this week, so be sure to check your and your clients sites!
WP Engine acquires Delicious Brains Plugins – Including the popular developer favourite Advanced Custom Fields.
The Plugins bought are:
Advanced Custom Fields,
WP Migrate
WP Offload Media
WP Offload SES
Better Search Replace
I am really not overly happy about this; I love Delicious Brains, I love the way they do things and the way they make things and the way they themselves work. WP Engine is not Delicious Brains. Things will change, and usually when I love a plugin it seems, and they sell it off, everything I love about the plugin tends to vanish. >< HOPEfully this is not the case here, and my fears are in vane!
Groundhogg acquires HollerBox, a powerful popup and Lead Generation WordPress Plugin! – Hollerbox has been bought, hopefully they treat this plugin with the love and respect it needs to continue being loved by the users!
InstaWP gets seed funding from Automatic – InstaWP, initially thought to be a disposable plugin, is meant to make it much easier to create a WordPress site without the work of doing it yourself. Trying to make it easier for everyone – personally I hope it does not work overly well otherwise the likes of us will be put out of a job of creating, and will be stuck with only fixing… that would be boring in my opinion…
Elementor acquires Strattic – Strattic is a headless WordPress hosting company, and it is now owned by Elementor. For those who use Strattic, be aware that this has happened! I don't think Elementor will wreck anything, though they do have a tendency to tinker and change things up, so keep your eye out for changes!
Five for the future program set to adopt official definition for pledges and contributions – This is an initiative encouraging organizations to contribute 5% of their resources to WordPress development. And they are looking to adopt an official definition for what constitutes pledges and contributions.
“Participation in Five for the Future means consistent effort by an individual or company via a Make WordPress team to directly support the WordPress open source project and the project's current big ideas, rather than the sole benefit of a company or individual. Simply put, Five for the Future exists to collaboratively invest in the health of the WordPress project, ensuring its long-term sustainability and success.”
Hopefully this goes as planned for them, I foresee each company putting in 5% wanting a say and a hard and fast deadline though, which could blow up in their faces…
rtCamp launches WordPress Plugin Compare Project – This could be very useful, though I can also see it flopping… This is a project designed to assist people in comparing the plugins they are looking for, rather than going through the 59,000 plugins themselves and finding the right few, then comparing those few themselves.
Part of the problem is going to be the fact that part of their screen process uses SEO, analytics, social sharing, and e-commerce, though they also use the age of the plugin and the last time it was updated.
As developers know, sometimes an oldy is the best, because although old, the code is still good… I think this may wind up simply pushing people towards the most popular rather than the most useful, thus now allowing the user to find what they actually need, just a decent replacement.
Although, I could be wrong, and this might turn out fantastic!
An AI chatbot trained on 4chan! – This honestly reminds me of an article I read recently where a few parrots in a zoo had to be separated because they were encouraging one another to say swear words at the people. A 4chan chat bot would be essentially the same thing I think!
The creator essentially played a practical joke on 4chan, using them as a fine tuning place for his creation. This is a very interesting and entertaining story of a couple of bots that came to life through 4chan.
The extras – for even more extra news, check out our Facebook, or Twitter page!
This is the extra news stuff that someone out there might find interesting. To read more, you can head on over to the show notes or newsletter and check it out! If you find something to add for next show, send me a link at amber@wppro.ca
Attackers can use electromagnetic signals to control touchscreens remotely – This is called GhostTouch, and uses electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it. Kind of cool, in a terrible sorta way… Luckily it only works up to 40mm away at this point. This is an ongoing experiment at Zhejiang University and Technical University of Darmstadt. This could be pretty cool if it stays in the right hands…
Nearly 100,000 NPM users' credentials stolen in GitHub OAuth breach – The attacker was able to access internal NPM data and its customer information. It's an interesting article, worth reading! Not to worry though, GitHub is taking care of its customers.
Code execution 0-day in Windows has been under active exploit for 7 weeks – At first,it was reported to not be a security issue, it was later reported to be one indeed. A little confusing, though really it boils down to – if you haven't updated, or if Microsoft has not forced it upon you as of yet, let the update go through.
Accidentally closed a browser tab? Just try Ctrl+Shift=T – This is a useful short cut, especially if you are a little clicky happy.
Microsoft: Windows autopatch now available for public preview – Windows said this week that Windows Autopatch, a service to automatically keep Windows and Microsoft 365 software up to date in enterprise environments, has now reached public preview. Could be helpful for places that have desk agents who don't specialize in keeping the computers healthy!
Neural networks don't work like the human brain because they ‘learn' differently – A really cool article that goes through the differences between the ways human and AI brains learn.
IBM AI captains uncrewed ship across the Atlantic using business logic – This is kinda cool! This walks you through the uncrewed trip!
Poisoned CCleaner search results spread information-stealing malware – This is something important to know since CCleaner is still rather popular. This malware is stealing your passwords, credit cards, and crypto wallets, and is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. Read on to find out more!
Kali Linux team to stream free penetration testing course on Twitch – This could be very useful! Read on to find out more!
New Symbiote malware infects all running processes on Linux systems – Newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. Read on to find out more!
Online gun shops in the US hacked to steal credit cards – Whoops! Two American gun shops, Rainier Arms and Numrich Gun Parts, disclosed data breaches resulting from card skimmer infections on their sites. They used malicious JavaScript coe to either embed on the sites or fetch from a remote resource by a seemingly innocuous element, such as favicon. Read on to find out more!
New ‘DogWalk' Windows 0-day bug gets free unofficial patches – The security flaw (jokingly dubbed DogWalk) is a path traversal flaw attackers can exploit to copy an executable to the Windows Startup folder when the target opens a maliciously crafted .diagcab file (received via email or downloaded from the web). Read on to find out more!
Matt's Famous Quotes
https://www.idrlabs.com/quotes/matt-mullenweg.php
The hall of shame via Automattic:
transparency.automattic.com/tag/hall-of-shame/
Support the Show
This show won't work without YOU the Producers as this is a Value for Value kind of show!
If you find value in our show, toss some value back! Help keep the show going so we can keep on plugging!
Show Producers
This is where we like to take the time to thank everyone who supports the show!
This weeks show Artwork is by:
Greg's Graphics (Greg Holdsworth) — https://gregsgraphics.com
You can Submit Artwork yourself by going to https://wppluginsatoz.com/artwork/
You can also check out all the art work yourself by going to https://wppluginsatoz.com/show-art-submitted/
Show Executive Producer/'s up on the stage this week:
Nobody this week, maybe next week!
Executive Producers are the ones coming in with $50.00 or more in donations. You can also send along a note that will be read out live on the show! You can just say hi, or you can send in your elevator speech and get a little self promotion while donating to a good cause!
Back Room Producers hanging-out in the Lounge:
Back Room Producers play a big part in keeping this show going! Some of these producers are the anonymous benefactors coming in with donations under $50.00.
Our best known Back Room Producers are those who help us out with our contests, artwork, and site organization!
Some of our Back Room Producers help out the show by sending us in notes, questions, plugin suggestions, and plugin reviews.
Other Back Room Producers help out the show by sending in licenses for the contests.
Our least visible Back Room Producers help out the show by hiring us! This is as good as donating, plus we get the added bonus of more experience to bring to our listeners here on the show!
A big thank you to all the Producers out there, we couldn't do this show without you!
Support the show with your Time, Talent, or Treasure:
Time Support:
Subscribe to our newsletter!
Spread the word about WP Plugins A to Z through your social media, YouTube – wherever you find yourself! Get on out there to round them up and rope them all in, then belly up to the bar and enjoy with your catch of the day while we do our best to bring you the latest and greatest of plugins and news with a laugh!
You can also catch us live on our YouTube Channel every Thursday at 11 AM PDT – show up by 10:45 AM PDT to catch our pre-stream! Really quite entertaining most days as we fiddle with the dials and knobs to chase away the gremlins that have moved in since the week before.
Send us in articles, news, or general WordPress information to share either here on the show or on the WP Plugins A to Z site. You can do this anonymously, or have your name attached – just let us know in the email. Articles and General WordPress information will land on the site, while News may land either here on the show, or on the site – or both!
Send us in plugin suggestions or reviews for the show. This can be a plugin you love or hate, your own write up, or just a recommendation for a plugin to review!
Random tasks that need doing. See a task that you'd like to take on? Shoot us an email and we can talk about it!
Talent Support:
Submit Artwork into WP Plugins Art Generator. LOVE seeing the creativity of all the artists out there! Submit your artwork to https://wppluginsatoz.com/artwork/
See somewhere that could use your talent? Shoot us an email and we can talk about it!
Treasure Support:
Donations to the show! Over $50.00 donations will earn you an Executive Producership where you can have your note read out on the show! Under $50.00 donations will earn you a place in our Back Room Producers Lounge!
Patreon! – Yes, Patreon is still a thing that exists and works – and you can even watch our show there!
Something we haven't listed here? Shoot us an email and we can talk!
Want to send something in to us through Snail Mail? You can find us at:
WP Plugins A to Z
C/O John Overall
20-754 E Fairview Rd.
Victoria, BC V9A 5T9
Canada
Off we go into the meat and potatoes, Into the depths of plugin depravity…..
ClassicPress Options
ClassicPress DOES have a future – we just don't have the time to help ClassicPress get themselves out there right now.
As the ClassicPress World expands the number of ClassicPress specific plugins in their own repository we see them growing. There are a few plugins specifically for ClassicPress currently, and all the plugins for WordPress 4.9.9 work well.
If anyone out there is using ClassicPress and would like to send in some reviews or news, we will gladly add it into this section! You can do so anonymously or let the world know your name – we will respect your choice!
ClassicPress News:
Sadly, the number of plugins in the repository has dropped from 81 to 75. However, there is still a fair amount of recent conversations occurring in the forum, check them out to see what is being discussed using the link below.
Check out the new ‘chats' in the forum
https://forums.classicpress.net/
WordPress does have a section devoted to plugins that are compatible with ClassicPress, check it out!
https://wordpress.org/plugins/tags/classicpress/
If you're looking to learn how to use ClassicPress check out the tutorials on their site.
https://www.classicpress.net/category/tutorials/
For some up to date news on ClassicPress check out the ClassicPress Blog.
ClassicPress Resources:
“Must Have” Plugins List
https://forums.classicpress.net/t/must-have-plugins-list/1163
You can check out the ClassicPress repository here https://directory.classicpress.net/plugins They now have 81 plugins (and counting!) available.
ClassicPress Information – The information that will keep, and help you on your way to understanding and using ClassicPress!
Find out more about ClassicPress 1.4.0 rc2 https://forums.classicpress.net/t/classicpress-1-4-0-rc2-release-notes/3785?fbclid=IwAR3wGK5IW8ssJ-XC4k7IiZMBtSjUTVN2pexk6ATCRvuMN-Fn-McOy-XJJv8
WordPress Plugins
Are you looking for some great newly released plugins? Check out this link:
https://wordpress.org/plugins/browse/new/
——————————–
John's Plugin
Clock Tik Tik
https://wordpress.org/plugins/clock-tik-tik/
The Lowdown:
Description
With this plugin you can now easily customize the WooCommerce My Account Page and add custom options related to your Pages.
WooCommerce User Dashboard or My Account page comes with minimum options, where users can review their dashboard, orders, downloads, addresses and account details. Using this plugin will allow you to create unlimited options on your My Account page without any customization.
Plugin Features
- Unlimited number of Menu
- Use custom pages
- Or anything else
Rating 4 Dragons
——————————–
Amber's Plugin
Simple Event Management – Sugar Calendar (Lite)
https://wordpress.org/plugins/sugar-calendar-lite/
The Lowdown:
This plugin was designed for those who need an easy way to present what is on their calendars in their site for everyone to see.
You will find the settings under ‘calendar' to the right side, and there you can add events, create different calendars for different things, and choose which calendar to show – or just show them all!
This is a great and easy to use calendar if you are needing easy peasy with quick addition from the back end, though to get the more useful bits like recurring events you will need to download additional plugins, or upgrade to the premium version.
Rating 4 Dragons
——————————–
John's Plugin
Open Graph and Twitter Card Tags
https://wordpress.org/plugins/wonderm00ns-simple-facebook-open-graph-tags/
The Lowdown:
This plugin improves the sharing of your WordPress pages, posts, WooCommerce products, or any other post type on social media, by setting the correct Facebook Open Graph Tags.
It also allows you to add the Twitter Card tags for more effective and efficient Twitter sharing results, as well as the Meta Description and Canonical tags if no other SEO plugin is setting them.
Rating 5 Dragons
——————————–
Amber's Plugin
EventPrime – Online Events Calendar, Bookings and Tickets
https://wordpress.org/plugins/eventprime-event-calendar-management/
The Lowdown:
This is a pretty amazing calendar – it was created for both subscribers and administrators to view, and to add events.
In the free version you get everything you need to get it up and going, including pre-made pages that you have complete control of! Compatible with Elementor and a few other themes too!
Something cool I haven't seen elsewhere yet, you get control over the colour of the text for each event, and the block it sits in!
I personally have found using event calendars a little confusing, but these guys have some pretty amazing walk throughs to help you get through it. And they use laymen terms, meaning everyone can understand!
I really like these guys, very useful free version, and the premium version just adds – which honestly is how it should be I think, rather than making it so that the useful bits are all in the premium version.
Rating 5 Dragons
——————————–
John's Plugin
JM Twitter Cards
https://wordpress.org/plugins/jm-twitter-cards/
The Lowdown:
Once activated the plugin adds appropriate meta on your WordPress website allowing you to get Twitter cards for your posts according to your settings. Enjoy!
Features
- Gutenberg compatible with a custom sidebar
- meta box: customize Twitter Cards experience (per each post)
- preview: preview the rendering on Twitter.
- WP SEO by Yoast and All in One SEO compatible (no conflict with SEO title and desc set with these plugins)
Rating 5 Dragons
——————————–
Amber's Plugin
Event Registration Calendar By vcita
https://wordpress.org/plugins/event-registration-calendar-by-vcita/
The Lowdown:
I thought that this was a calendar plugin for your site itself, though it turned out to be a plugin designed to link an online account with Victa to your site.
They have a lot of great options, though this calendar is more geared towards accepting appointments and payments rather than creating events in general.
When a viewer goes to book something, everything has to be set up so that they can choose from a dropdown, leaving no ability for them to create anything themselves.
You can create things in your site, though I found it easier to work through the dashboard – which I also found irritating since I had to flip back and forth.
I can see the uses for this for a business that needs to have bookings like chiropractors or mechanics, though not great if you are looking to create calendars for things like meet ups or festivals.
The free version gives you what you need to get started, though the really useful things are hidden behind that premium wall.
Rating 4 Dragons
——————————–
Random links for plugins
WordPress plugins crafted from love and experience
https://codeat.co/
Listener Feedback / Audio Clips
Feel Free sending in your thoughts to us – The Good, The Bad, The Ugly – we'll take them all!
Listener Questions
Hi Amber and John,
I listen to your show regularly and have learned a lot. I am wanting to set up an email server on my domain. John, have you made any step by step videos on this that I may follow? If not, it would be great if you did. What security things do I need to be aware of after it is set up? Are there any rules of thumb to follow in setting up? Is there a maximum number of recipients that I should stay under so I am not seen as spamming?
Thanks for your help and keep educating the masses.
Email Newbie
There is no contest right now – we are just waiting on the worker bees to return with our next contest!
Be sure to stay tuned to find out what will be available next! If anyone out there would like to help our current worker bees, contact us. Many hands make light work and more contests!
Contests Powered by Simple Giveaways who kindly provides us with the premium version for our contests.
A BIG Thank You to Steve Goodtime & Brant Matthews who have created our Awesome jingle for the contests!
A BIG Thank You to Steve Goodtime & Brant Matthews who have created our Awesome jingle for the contests!
A BIG Thank You to Charlie for coming to the aid of the show and getting our contests all organized!
We also want to give a BIG Thank You to all the Developers for supporting our show with their plugin donations! Please be sure to check them out!
Short note about participating in the contests folks – we go to great efforts to get these licenses. We would LOVE to see a bit more participation from you, The Producers.
Visit http://WPPluginsAtoZ.com/contests for more info.
For all developers who would like to support the show. You can donate a premium license to be used in a future contest please go toWPPluginsAtoZ.com/PluginContest
The plugins we covered were:
John’s Plugins: Clock Tik Tik – 4, Open Graph and Twitter Card Tags – 5, JM Twitter Cards – 5
Amber's Plugins: Simple Event Management – Sugar Calendar (Lite) – 4, EventPrime – Online Events Calendar, Bookings and Tickets – 5, Event Registration Calendar By vcita – 4
Matt's Famous Quotes
https://www.idrlabs.com/quotes/matt-mullenweg.php
Reminders / Commercial / Promotions:
Next Week:
Meetup Has Been Planned For June 25th!! Keep tabs on the date at: https://wppluginsatoz.com/meetup – keep an eye to make sure that the date doesn't change on you for any reason (like zombies or wet ninja cats being herded through catnip fields flooding the valley or anything..)
Would you like to be on an interview show? Simply connect at https://wppluginsatoz.com/interview
If you have suggestions on plugins you would like to have reviewed please submit them on the website at https://wppluginsatoz.com/submit-plugin-review/
Q & A Time with Amber ——– Catch this info on our YouTube Channel
If you have questions you would like to have asked on the show, send them in to me at Amber@WPPro.ca and we will answer to the best of our ability!
- What attributes do you look for when choosing a Theme for a site?
- What information do you need to know when helping your client to choose a theme for their site?
- What is your opinion on Caching Plugins? Is this something you would recommend your clients add to their site, or no?
- Can you explain Gopher Space in more basic terms for those like me who have never heard of this until this article?
- What do you think about it, and do you think it will make a full come back?
- Why, or why not?
- What do you think about it, and do you think it will make a full come back?
Closing out this Episode
Just some reminders:
Be sure and subscribe to our Newsletter.
You can support the show at wppluginsatoz.com/donate
All the show notes can be found at: WPPluginsAtoZ.com
You can find and review us at:
Stitcher Radio, Google Play and in the iTunes Store
Follow the show on Twitter @wppluginsatoz
Join Us on Our Facebook Page
Subscribe and Check out our Training Videos, Screencasts and Watch us Live on YouTube every Thursday at Noon PDT
How to Contact Us:
John can be contacted at:
- on my website @ http://www.johnoverall.com/
- WordPress Emergency Support http://wppro.ca/wpemergency
- email: john@wppro.ca
Amber can be contacted at:
- email: amber@wppro.ca