Stay around until the end to see baby waste bandites that are beautifully bad in climbing.
In today’s edition:
- Patchstack study: hosting “security” may look difficult, but 87.8% of the time it folds faster than a $ 5 lawn chair.
- WP Wiki launches: finally a single place to catalog all your nerdy knowledge.
- RIP-Dial-Up: The sound of the 90s is finally silent in September.
Hot from the presses: what’s new?
Yes, yes, we all know that we have to sit upright, stretch every hour and perhaps even invest in a chair that does not double as a medieval torture device. And yes, spine health is important, especially when we get older and bend forward to turn on our shoes, something we have to put ourselves for Psyche.
But let’s face it … I type this newsletter in exactly the position shown in the meme. One foot on the desk, distorting as a JavaScript -callback disappeared villains. Ergonomics? Never met her. Attitude? Optional. Productivity? In one way or another intact.
So go ahead, laugh … but maybe … Maybe … Consider touching your toes for your next sprint.
Or not. We still ship codes. 🤷50
One wiki to rule them all: new community-driven WordPress-Opedia launches
WordPress now officially has a wiki. Michelle Frechette and Corey Mass have launched the WP Wiki project, a shiny new community-driven encyclopedia for all things WordPress.
Everyone can jump in, whether you are a blogger with a new face who is still fighting with your first theme, or a core contribution hardened by the battle that remembers when Widgets were a big problem. There are even vanity lists that are personal or business profile pages where you can bend and pay your WordPress credit to ‘sponsor’ your entry, so that the article is locked by others.
The goal? To create a living, respiratory reference guide that capture the history of WordPress, plug -in, functions and those obscure rabbit holes that you only hear about after three beers at Wordcamp.
So whether you are itching a WordPress veteran to weigh on the Nitty-Gritty of when to use Categories versus TagsOr a newbie who just tries to baptize a curious toe in the world of this versatile CMS, the WP Wiki project is worth a bookmark.
→ Jump over the Wiki hole.
→ Bend your WordPress credit and add an article here.
Hosting defenses? More like Swiss cheese
A new study by Patchstack showed that trust in standard “Secure WordPress” is nowadays about as effective as trying to ward off armed robbers with a polar noodle.
They discovered that no less than 87.8% of plug -in exploits Lower past hostinga weather and virtual patching tools before being stopped at the application layer.
Here is the tea: PatchStack turned identical WordPress sites with 11 well -known plug -in vulnerabilities, ranging from random file upload to SQL injection to escalation of privileges. They tested five hosts to see if their advertised defenses actually worked. Spoiler alert: they didn’t do that.
Only one hosting team (with the help of Cloudflare’s WAF) managed to stop four out of eleven exploits.
Everyone? Hardly raised a firewall.
- One host blocked two exploits.
- Another stopped only one.
- Namely, two hosts could not block each. (Oooof …)
In Patchstack CEO Oliver Sild’s words The repository: “WAFs at network level are too generic with their protection, where WordPress-specific vulnerabilities almost completely miss, and security solutions at server level are mainly focused on post-exploitation.”
“There is a huge blind spot on the security of applications,” he explains, “and WordPress is a hard platform to protect when vulnerabilities can come from any plug -in.”
In other words, WordPress is a plug-in-through maze and we need a layer of security that actually understands.
Bottom Line? If your host brags about ‘virtual patching’, maybe ask what they patch. After all, you cannot protect against what you do not recognize.
→ See the full breakdown of the Case Study
→ Get the deets from Patchstack’s 2025 State of WordPress Security Report
Smush levels: now change the size of your oversized images.
Good news for anyone who has ever uploaded a 5 MB stock photo with the name “img_final_final_reallyfinal.jpg” and wondered why their page speed score refueled: Smush has just become smarter.
We have just introduced two shiny new functions that you will love:
- Automatic image of the format of images: Smush now squeezes sturdy images to fit into their containers, which means that less “on the right size images” warnings in page speed and no PNGs with Billboard format are served to someone who leaves on a Nokia.
- Add missing dimensions: Do you remember that uncomfortable Lay -Out Shift where your text jumps around like it is doing the Macarena while visiting images? Smush fixes that by automatically adding width/height attributes. Stability restored, dignity kept.
Between this and the already stacked Smush toolkit (lazy drawers, compression, CDN) you are actually no longer an excuses for slow, janky sites. Unless of course you just pretend Looking at your CLS score fall?
→ Do you want to go out more? Check the full Smush documents.
→ While you are in optimization mode, Topher has been completed Three more plug -in that make your website faster.
Mind Bloggling Feits & Stats
Speaking of security risks … Patchstack’s 2025 Vulnerability report identified 6,700 new vulnerabilities in the WordPress ecosystem in just six months, and what is really creepy is that 41% of them can be operated in real-life attacks. 😬 (Source))
According to a study by Harvard Business School, if Open Source suddenly disappeared, it would cost the world $ 8.8 trillion. ((Source))
An impressive milestone: Ganga Kafle celebrates 7,000 WordPress themes rated! ((Source))
Blogs and sources that you should not miss
Finally a way to Stop that your WP -Admin -menu looks like Times Square at night.
Do you think you know the difference between .com and .org? Michelle Frechette and Jonathan Desrosiers Turn the record right.
Did you know you can do that Car bend your old messages with low visits? Perfect for content that is outdated as milk instead of wine.
If you ever wanted a helpful writing coach to give your blog posts soft pushes for improvement, Slim SEO has you.
‘I just wish to work a person in LLMWorld on a bad salesforce implementation, or maintaining and improving a plugin loaded but business-critical WordPress installation. I want them to see the gap between the software world that most people experience – including most developers – and the infinitely funded world of pine floors and plant walls where they thrive.” – Paul Ford on What Chatgpt 5 is missing.
Is it it then Real Free and open source, or just pretend? This site Unveils who walks the walkAnd who is just ‘wash open’.
A lively Debate about expanding the core block library. As Amber Hinds asks: “For whom is WordPress for? We build blog software or software for creating websites?”
Distraction of coffee breaks
This collection of retro video game -airs is a nostalgic phone wallpaper Goldmine.
A Interactive game of impressive annoying UX. Just try to get through without throwing your laptop on a wall.
A really healthy developer Meme. 🥰
About atmospheric coding: “If you are actually a cheater, it is not syndrome. “
This Labradoodle hard at work Solve a very important mystery.
Use Florida scientists Robot-like rabbits on solar energy To capture invasive pythons.
This vital service Delivers your website with exactly what it needs: random daily photos of Keanu Reeves.
Wait … Dial-up internet has been there all the time?! Apparently it will be stopped in September.
And finally …
AWWW … They do their best! 🥹
Do you love this mix of Nerery and nonsense? Send it to your favorite WordPress Weirdo. 💗
#rest #Wiki