Changes to Auto-Updates, New Migration Plugin, and a Look at FSE Themes | WordPress News Roundup November 2020

Gutenberg 9.3.0 was released at the beginning of this month, giving a clear picture of the future of WordPress and full site editing. However, with revolutionary changes on the roadmap, WordPress has been in a rather fluid state in 2020. 

Catch up with the latest news and resources in the WordPress community, including:

  • A delay in the WordPress 5.6 Beta release
  • A plugin security issue affecting 100,000 websites
  • The new WordPress website migration plugin
  • Updates to Facebook & Instagram embed support
  • A look at the first default block-building theme

WordPress 5.6 Beta 4 Delayed As Team Moves Forward With Auto-Updates

The release of WordPress 5.6 Beta 4 was pushed back two days from Nov. 10, 2020, to Nov. 12, 2020. While the delay is minor, release lead Josepha Haden’s announcement gives the WordPress community a better look at the future of auto-updates

The WordPress team has worked for the past two years to enable users to opt-in to automatic updates whenever there’s a major release. 

Currently, WordPress only enables auto-updates for minor version releases. However, the team has always envisioned auto-updates for major releases as the default option. The long-term goal of auto-updates for major releases aims to ensure that all WordPress websites run on the most secure version.

As of now, the topic of auto-updates has spurred numerous debates in the WordPress community. For now, the team is challenged with figuring out the technical requirements of major automatic updates. 

Furthermore, the WordPress team will also need to build user trust and gain buy-in for their long-term vision.

Ultimate Member Plugin Patched: Security Issue Affected 100K Websites at Risk

Ultimate Member is a WordPress plugin that permits users to create membership areas and user profiles on a website. The plugin, which is installed on over 100,000 websites, experienced security bugs that allowed attackers to potentially gain admin access over affected websites. 

If an attacker gains admin-level access to a website, they have virtually unfettered control over it. With this access, an attacker can install viruses or even take the website down.

The security breach was a result of three bugs that each ranked “Critical” on the Common Vulnerability Scoring Scale (CVSS).  Each of the bugs made it easy for attackers to escalate their privileges until they reached the admin-level. 

Given the ease with which attackers could gain control of an affected website, the bugs have been classified as critical and severe. 

The bugs were patched on Nov. 9, 2020, and it’s recommended that anyone using the plugin update to version 2.1.12, which contains the patch.

Website Migration Made Simple With WordPress Migration Plugin

WordPress powers more than 30% of websites on the internet. However, with revolutionary changes on the horizon and a seemingly continuous stream of changes, some WordPress users might be considering switching to another provider. 

Website owners often find the manual migration process confusing and time-consuming at best. That’s why there are several free and paid services specifically intended to facilitate website migration. 

The question becomes finding the right provider to ensure a secure and thorough migration. Bluehost’s new migration plugin enables WordPress users to migrate their websites with seamless tools and professional assistance. 

The WordPress Migration Plugin is available at no cost. Users simply download the plugin to their Bluehost cPanel or WordPress Admin dashboard. Once installed, the plugin scans the website to determine migration viability. 

If a website is compatible, the files will be securely uploaded and stored for transfer. Users can also update their DNS records through Bluehost and receive professional troubleshooting if any issues occur during the migration.

Facebook and Instagram Drop Support for Content Embedded on WordPress

On Oct. 24, 2020, Facebook released a change that can break social content embedded on WordPress websites. The change will specifically affect Facebook and Instagram embeds.

However, the change won’t affect all websites. The application programming interface (API) update will only break unauthenticated embedded content. 

In other words, publishers that do not have a Facebook developer account and a registered Facebook app will lose Facebook embed support for WordPress websites. 

The change is retroactive, giving it the potential to break embedded content on millions of websites.

Currently, the only way to fix embedded content is by creating a developer account with Facebook, registering a Facebook app, and making sure the Facebook app is live.

Twenty Twenty-One Will Offer First Default FSE Theme With Twenty Twenty-One Blocks

On Oct. 23, 2020, Carolina Nymark announced the development of the first default full site editing (FSE) Theme, which will be called Twenty Twenty-One Blocks. The FSE version is a separate project from Twenty Twenty-One.

The new theme will showcase the features of the FSE site editor. However, the theme is experimental and will require that the Gutenberg plugin and site editor experiment are installed.

Developers aim to release the theme in December of 2020, and it is currently located in the theme experiments repository on Github.

On Sept. 23, 2020, WordPress announced that WordPress 5.6 would launch with a brand new default theme, Twenty Twenty-One. The announcement provided a preview of the minimalist pastel theme and shared its vision to design unique block patterns specifically for the theme. 

With the announcement of Twenty Twenty-One blocks, the WordPress community will not have to wait for Twenty Twenty-Two to have a default FSE theme option. 

That being said, Twenty Twenty-One Blocks has not progressed as far as Twenty Twenty-One. The theme is functional but minimal. It will take some work before it qualifies as an FSE version of Twenty Twenty-One.

In the past few months, WordPress has released several significant changes and honed in on its vision for the future of FSE. 

For now, the WordPress community can tinker with the site editor experiment or even some FSE themes as we anxiously await the arrival of WordPress 5.6.

To learn more about the number one recommended web hosting for WordPress, visit Bluehost, and explore hosting plans today.

Build the Website of Your Dreams with Bluehost

Get Started
Desiree Johnson
Desiree Johnson | Content Specialist
Desiree Johnson is a Content Specialist at Bluehost where she writes helpful guides and articles, teaches webinars and assists with other marketing and WordPress community work.

Leave a comment

Your email address will not be published. Required fields are marked*