The Dragon Roars with Fearsome WordPress Plugins

It's Episode 555 and we have plugins for Disabling Bloat, Managing Emergencies, Login Without Password, Query Looky-Loo, Worthless Plugin, Pranking WordPress… and ClassicPress Options. It's all coming up on WordPress Plugins A-Z!

Disable WooCommerce Bloat, Emergency Management, Temporary Login Without Password, Query Monitor, Worthless Plugin, WP Pranks……. and ClassicPress options on Episode 555.

John's Intro:

This is a value for value show and I look forward to everyone providing some value back.

Before I get started, you will want to hang around to the end of the show for our Q & A segment with Amber…. and to those listening on the podcast, you may want to check out the YouTube version which has some great discussions before the show starts…

Amber's Rant:

This is #15 of 52 episodes for 2022! So many 5's today! 5 is an interesting number in numerology – 5 is a master of change, able to go with the flow and adapt itself to thrive in different environments and social situations. People with the life-path number 5 tend to have a hard time settling down or sticking to routine, as people with 5 tend to crave new, fresh experiences – once something feels like routine these people tend to move on.

On another note – happy early April Fools! I think we should really just call it Loki Day – generally my youngest sets up about 20 different little harmless pranks at this time of year, so I can't help but wonder what she will do this year! I hope everyone has a lot of fun this year, and that you are able to get outside and enjoy the early Spring weather!

Rinse and repeat as often as needed.

We have some news from the world of WordPress for you today as well as some great plugins.

News this week:

WordPress Vulnerability Report – March 30, 2022 – Only 7 to worry about this week – don't forget to go through this list each week to see if a plugin you have deactivated in the past has been patched and is good to go now!

EXMAGE, Good & Bad Comments, Thank me Later, Page Security & Membership, Autolinks, Amministrazione Aperta, Ad Injection. If you have these in your site, deactivate and keep an eye out for updates!

Performance Team proposes enabling WebP by default in WordPress 6.0 – If this proposal is approved, version 6.0 will generate WebP images by default for new JPEG uploads and will use WebP images by default for website content. I could see this being very useful, as WordPress would auto convert JPEG uploads to the WebP in the background, and use them on your website.

Text Selection across multiple blocks is coming to WordPress – Ella van Durpe merged a feature into Gutenberg plugin, allowing users to select and modify text across multiple rich text blocks. This should land in 13.0 of the plugin, and WordPress 6.0 in May. I'll bet this will make life easier across the board for Gutenberg users!

WordCamp Asia 2023 tentatively set for February 17-19 in Bangkok, Thailand – Great news! WordCamp Asia is tentatively back on schedule for in-person WordPress events with these new dates – February 17-19, 2023. Read on to find out more!

The WordPress.org pattern creator now open to the public – The WordPress pattern directory has finally opened its gates wide to the entire community as of March 25th!! This means that anybody with a WordPress.org account can log in, go to the pattern creator, and start designing!! Read on to find out more!

WooCommerce Store API now stable, provides better support for custom frontends – They announced on March 25 that their new Store API is now stable after two years of being in development. It powers the plugin's new block-based cart and checkout experience as well as all products blocks! This is great news! Read on to find out more!

Weglot raises €45M from Partech Partners – This is the first time the Paris based company has taken outside capital since it 2017! They have expanded its offerings to include more translations and integrations for other platforms as well. Weglot also has a Gutenberg block available. Read on to find out more!

Snow Monkey Editor Plugin adds custom styles to WordPress Core Blocks – This is a great plugin to know about if you build in blocks. Most Block Plugins allow you to create your own custom blocks and add them – Snow Monkey allows you to add personalization to the blocks already in your site, and they have added more!

Random Fun Note: Scientists think there could be alien life on one of Jupiter's moons – Yes, you read that correctly! One of Jupiter's moons named Europa has Water, Nutrients, and Oxygen. The oxygen and water are separated by a thick sheet of ice – but thanks to a lot of conjecture and a paper, there is a working theory on how the oxygen could penetrate Europa's ice shell and reach the water beneath – thus allowing for life! Totally worth taking the time to read this!

The extras – for even more extra news, check out our Facebook, or Twitter page!

This is the extra news stuff that someone out there might find interesting. To read more, you can head on over to the show notes or newsletter and check it out! If you find something to add for next show, send me a link at amber@wppro.ca

Research: The Great Resignation has not improved the career paths of workers – Some got better pay, but others are coping with high inflation and minimal wage growth. This article does a deep dive into everything regarding this topic, and is well written.

The not-so-secret secret to successful flexible work strategies – Give your people what they want. This is a great article going through the effect that the Great Resignation has had on the work force, and how people looking for jobs are now searching for flexible work schedules rather than 9-5 office hours.

Hackers Hijack email reply chains on unpatched exchange servers to spread malware – A new email phishing campaign has been spotted!! This one uses the tactic of conversation hijacking, delivering the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. Read on to find out more!

White House issued a cybersecurity list – but forgot these vital steps – The White House issued a press briefing with a list of cybersecurity steps – though they left out some crucial steps. They also didn't entirely define the steps they did give. This is a great fleshing out of the steps given by the White House, and also adds some things that were missed in the list.

Google caught collecting more of your personal data – changes are coming! – By this point, we all know our data is scooped up and used for the company's benefit – despite the many proclamations of Google and other tech giants regarding Privacy Concerns, and how they are meeting these. Here we see them caught with their bots in the cookies yet again, and Google response. Read on to find out the nitty gritty details!

North Korean hackers exploit Chrome zero-day weeks before patch – The zero-day in question here is ‘remote code execution vulnerability in Google Chrome web browser'. This was used in attacks that targeted news media, IT companies, cryptocurrency, and fintech organizations. Read on to find out more about what went on!

Behold! A password phishing site that can trick even savvy users!! – Enter: BitB. BitB stands for Broswer in Browser. This removes the telltale signs in the address bar that people generally look for, like google.evildomain.com or substitute letters such as g00gle.com. It uses a fake browser window inside of a real browser window to spoof an OAuth page. Read on to find out more about how BitB works!

Critical Sophos Firewall vulnerability allows remote code execution – Sophos has fixed this this now, though still good to know what happened. There was an authentication bypass vulnerability in the User Portal and the Webadmin areas of Sophos Firewall that allowed remote code executions to be conducted. Read on to find out more about this and how it worked!

New Malware Loader ‘Verblecon' infects hacked PCs with cryptocurrency miners – Translation: an unidentified threat is employing ‘complex and powerful' malware with the ultimate objective of deploying cryptocurrency miners on compromised systems, and potentially facilitating the theft of Discord Tokens. First noticed 2 months ago, the real worry here is if the malware falls into the hands of someone who realizes the potential use of such sophisticated malware. Read on my friends!

New hacking campaign by Transparent Tribe Hackers targeting Indian Officials – Believed to be of Pakistani origin, this is designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT; this has been going on since at least June 2021. Last month, the threat expanded into Android devices with the backdoor name CapraRAT. Read on to find out more on how this thing works and what it's doing!

CISA warns of ongoing cyber attacks targeting internet-connected UPS devices – US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are working together on this one; uninterruptible power supply (UPS) devices are being attacked by means of default usernames and passwords. This is why putting in your own passwords is so essential… Read on to find out more about this investigation, and what they are currently doing!

 

The hall of shame via Automattic:
transparency.automattic.com/tag/hall-of-shame/

Matt's Famous Quotes
https://www.idrlabs.com/quotes/matt-mullenweg.php

Support the show

This Show will not work without you, the producers, as it is a Value for Value model, meaning if you're getting any value out of it then give some value back and help the show out.

Start by subscribing to the newsletter for additional information and get out there round them up and rope them all in, belly up to the bar and enjoy. Spread the word about WP Plugins A to Z and catch it live every Thursday at noon PST on our YouTube Channel.

Show Producers

We'd like to acknowledge all the producers who have supported the show in the various ways over the last week.

This weeks show Art Work comes from:

Greg's Graphics (Greg Holdsworth) — https://gregsgraphics.com

To Submit Artwork go here https://wppluginsatoz.com/artwork/

Check out all the art work at https://wppluginsatoz.com/show-art-submitted/

This week's Executive Producer/'s are:

Nobody this week, maybe next week!!

A big thank you to all the Producers who came in under $50 and to those who have set up weekly subscriptions they will remain anonymous and I thank you very much.

All these small subscriptions really help the show out.

A big thank you to those who have hired me because of the Podcast, thank you that is as good as donating to the show.

You can Support the Show by:

Donating money to help the show Donations of $50 and over are credited with an Executive Producer Credit in the Show Notes, and their note is read out on the show.

Submitting art work at the WP Plugins Art generator – To Submit Artwork go here https://wppluginsatoz.com/artwork/

Submit articles news and information

Submit plugin suggestions for reviews

You can also create a monthly donation at Patreon

Or something I may not have thought of…

If you would like to send something to WP Plugins A to Z you can send to the following address:

WP Plugins A to Z
C/O John Overall
20-754 E Fairview Rd.
Victoria, BC V9A 5T9
Canada

Off we go into the meat and potatoes, Into the depths of plugin depravity…..

ClassicPress Options

ClassicPress is growing really well, but we just don't have the time to add reviews on ClassicPress myself. We are always open to reviews sent in by listeners, though unless there is a review sent into us on ClassicPress, we am not going to do more than mention that ClassicPress is a thing. Here are some resources, we hope some listeners out there find this information useful!

One thing we are looking forward to in the ClassicPress World is the expansion of the number of ClassicPress specific plugins and their own repository. There are a few plugins specifically for ClassicPress and all plugins for WordPress 4.9.9 work well on it. We do believe it has a future, we just don't have the time to help them in getting it out there right now.

ClassicPress News:

No new updates this week – though we have a Tutorial!

If you're looking to learn how to use ClassicPress check out the tutorials on their site.
https://www.classicpress.net/category/tutorials/

For some up to date news on ClassicPress check out the ClassicPress Blog.

ClassicPress Resources:

“Must Have” Plugins List
https://forums.classicpress.net/t/must-have-plugins-list/1163

You can check out the ClassicPress repository here https://directory.classicpress.net/plugins They now have 84 plugins (and counting!) available.

ClassicPress Information – The information that will keep, and help you on your way to understanding and using ClassicPress!

Find out more about ClassicPress 1.4.0 rc2 https://forums.classicpress.net/t/classicpress-1-4-0-rc2-release-notes/3785?fbclid=IwAR3wGK5IW8ssJ-XC4k7IiZMBtSjUTVN2pexk6ATCRvuMN-Fn-McOy-XJJv8

WordPress Plugins

Are you looking for some great newly released plugins? Check out this link:
https://wordpress.org/plugins/browse/new/

——————————–

John's Plugin

Disable WooCommerce Bloat

https://wordpress.org/plugins/disable-dashboard-for-woocommerce/

The Lowdown:

Disable unnecessary WooCommerce features and make your shop faster and cleaner. If you don’t like or don’t need the new bloatware features, use this plugin and forget about them forever.

It may be a good idea for small shops to disable the features that are slowing your page down. Simplify your WooCommerce admin panel. Use good, old, clean, fast WooCommerce!

Rating 5 Dragons

——————————–

Amber's Plugin

Query Monitor

https://wordpress.org/plugins/query-monitor/

The Lowdown:

This is a plugin made for developers – it is a developer tool panel for WordPress. This enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API class, and more!

You will find ‘settings' under the plugin on the plugin page; click on that and it will bring up the whole list of things it pulls for you! Going through it I found it to be very easy to read, understand, and I can see how very useful it will be when working on a site!

Rating 5 Dragons

——————————–

John's Plugin

Emergency Management

https://wordpress.org/plugins/emergency-management/

The Lowdown:

Provides means to reset all or selectable passwords (roles, users) and/or to delete (the related) sessions, to define a role-based password expiry, to renew your security KEYs & SALTs and to define & monitor your required password complexity/strength.

Upon password reset, the related users will be informed by eMail. The eMail text can be edited easily through this plugin.

When the password expiry function is set, users with the related roles will be required to renew their password upon login, once expired.

Rating 5 Dragons

——————————–

Amber's Plugin

Worthless Plugin

https://wordpress.org/plugins/worthless-plugin/#description

The Lowdown:

A fun plugin that you plug and play, it throws up random notices in your dashboard that are totally useless but rather entertaining – mostly for the one who added the plugin!

The notifications are things like: ‘Don't click on my face!' with a picture of the dude's face, or ‘This notification…'

I think this is some good clean, harmless entertainment. 😀

Rating 5 Dragons

——————————–

John's Plugin

Temporary Login Without Password

https://wordpress.org/plugins/temporary-login-without-password/

The Lowdown:

Using the “Temporary Login Without Password” plugin you can create a self-expiring account for someone and give them a special link with which they can login to your WordPress without needing a username and password.
You can choose when the login expires, as well as the role of the temporary account.

Really useful when you need to give admin access to a developer for support or for performing routine tasks.

Rating 5 Dragons

——————————–

Amber's Plugin

WP Pranks

https://wordpress.org/plugins/wp-pranks/

The Lowdown:

This plugin has not been updated since I brought it last year – when it was already a year out of date – but it still works!!

You get to choose from the following pranks for your site:

• turn website black and white
• turning everything upside down
• hiding all odd numbered paragraphs
• turning everything blurry
• adding a poop emoji to the upper left of the page
• turning all text into Comic Sans font
• Making all fonts INSANELY large!!

I think this is a great one to throw on for April Fools!

Rating 5 Dragons

——————————–

Random links for plugins

WordPress plugins crafted from love and experience
https://codeat.co/

Listener Feedback / Audio Clips

Remember: Feel Free sending in your thoughts to us – The Good, The Bad, The Ugly – we'll take them all!

Listener Questions

Hi Amber and John,

Love the show! I need to upload photos to my site and I know that changing the size by inches or centimeters doesn't actually change the size (3.92 MB). I read I should change the pixel size. What is the best way and best pixel size to have on your website? Are there rules of thumb to follow?

Thanks.

Not Photo Savy

Remember, there's no such thing as a stupid question!

Enter 2 Win Our Contest!!!

Deadline is April 6th – Winner Announced on April 7th!!! Don't Forget!

 

Lifetime Single Domain License with Interactive Geo Maps, Valued at $49.99!

 

 

 

 

 

 

Let your friends know about the giveaway!

 

Remember to share this contest with friends to earn extra entries to the contest.