7th Circle Designs

Building, Securing, and Optimizing WordPress Since 2014

Home » Blog

WooCommerce 5.5.2 Fix Release

by Leave a Comment

WooCommerce 5.5.2 is available now. This release resolves performance degradation issues and fixes several bugs identified in 5.5.0 and 5.5.1. These updates are unrelated to the recent security vulnerability that was solved by WooCommerce 5.5.1.

Here’s what’s new:

  1. Solved: Non-performant query in 5.5.1 causing performance issues in admin pages.
  2. Solved: Search query not showing expected results with few themes and plugins.
  3. New: Added a fallback for shops to use redirect download method as well in case force download method did not work.
  4. Solved: $screen null fatal with few plugins.

Important: With the release of this new version, the auto-update process for WooCommerce 5.5.1 mentioned in this blog post has been discontinued. If you are still running a version of WooCommerce that is not on the patched versions list, please update immediately to the highest version available in your release branch.

You can download the latest release of WooCommerce here or visit Dashboard → Updates to update the plugin from your WordPress admin screen.

As usual, if you spot issues in WooCommerce core, please log them in detail on GitHub. Found a security issue? Please submit a report via HackerOne.

Reposted from WooCommerce

WordPress 5.8 Tatum

by Leave a Comment

Introducing 5.8 “Tatum”, our latest and greatest release now available for download or update in your dashboard. Named in honor of Art Tatum, the legendary Jazz pianist. His formidable technique and willingness to push boundaries inspired musicians and changed what people thought could be done. 

So fire up your music service of choice and enjoy Tatum’s famous recordings of ‘Tea for Two’, ‘Tiger Rag’, ‘Begin the Beguine’, and ‘Night and Day’ as you read about what the latest WordPress version brings to you.

Three Essential Powerhouses

Manage Widgets with Blocks

After months of hard work, the power of blocks has come to both the Block Widgets Editor and the Customizer. Now you can add blocks both in widget areas across your site and with live preview through the Customizer. This opens up new possibilities to create content: from no-code mini layouts to the vast library of core and third-party blocks. For our developers, you can find more details in the Widgets dev note.

Display Posts with New Blocks and Patterns

The Query Loop Block makes it possible to display posts based on specified parameters; like a PHP loop without the code. Easily display posts from a specific category, to do things like create a portfolio or a page full of your favorite recipes. Think of it as a more complex and powerful Latest Posts Block! Plus, pattern suggestions make it easier than ever to create a list of posts with the design you want.

Edit the Templates Around Posts

You can use the familiar block editor to edit templates that hold your content—simply activate a block theme or a theme that has opted in for this feature. Switch from editing your posts to editing your pages and back again, all while using a familiar block editor. There are more than 20 new blocks available within compatible themes. Read more about this feature and how to experiment with it in the release notes.

Three Workflow Helpers

Overview of the Page Structure

Sometimes you need a simple landing page, but sometimes you need something a little more robust. As blocks increase, patterns emerge, and content creation gets easier, new solutions are needed to make complex content easy to navigate. List View is the best way to jump between layers of content and nested blocks. Since the List View gives you an overview of all the blocks in your content, you can now navigate quickly to the precise block you need. Ready to focus completely on your content? Toggle it on or off to suit your workflow.

Suggested Patterns for Blocks

Starting in this release the Pattern Transformations tool will suggest block patterns based on the block you are using. Right now, you can give it a try in the Query Block and Social Icon Block. As more patterns are added, you will be able to get inspiration for how to style your site without ever leaving the editor!

Style and Colorize Images

Colorize your image and cover blocks with duotone filters! Duotone can add a pop of color to your designs and style your images (or videos in the cover block) to integrate well with your themes. You can think of the duotone effect as a black and white filter, but instead of the shadows being black and the highlights being white, you pick your own colors for the shadows and highlights. There’s more to learn about how it works in the documentation.

For Developers to Explore

Theme.json

Introducing the Global Styles and Global Settings APIs: control the editor settings, available customization tools, and style blocks using a theme.json file in the active theme. This configuration file enables or disables features and sets default styles for both a website and blocks. If you build themes, you can experiment with this early iteration of a useful new feature. For more about what is currently available and how it works, check out this dev note.

Dropping support for IE11

Support for Internet Explorer 11 has been dropped as of this release. This means you may have issues managing your site that will not be fixed in the future. If you are currently using IE11, it is strongly recommended that you switch to a more modern browser.

Adding support for WebP

WebP is a modern image format that provides improved lossless and lossy compression for images on the web. WebP images are around 30% smaller on average than their JPEG or PNG equivalents, resulting in sites that are faster and use less bandwidth.

Adding Additional Block Supports

Expanding on previously implemented block supports in WordPress 5.6 and 5.7, WordPress 5.8 introduces several new block support flags and new options to customize your registered blocks. More information is available in the block supports dev note.

Check the Field Guide for more!

Check out the latest version of the WordPress Field Guide. It highlights developer notes for each change you may want to be aware of: WordPress 5.8 Field Guide.

Reposted from WordPress

Developer Advisory: Critical Vulnerability in Multiple Versions of WooCommerce

by Leave a Comment

tl;dr

A critical vulnerability was detected in multiple versions of WooCommerce and the WooCommerce Blocks feature plugin.  Patches for each impacted version have been created and deployed automatically to vulnerable stores..

The details

A security vulnerability in WooCommerce and WooCommerce Blocks was recently discovered and reported to us via our HackerOne security program by security researcher Josh. This vulnerability can result in sensitive data, such as user IDs and hashed passwords, being exposed.

Upon learning about the vulnerability, WooCommerce teams took immediate steps to conduct a thorough investigation, audit related code bases, and create a patch fix for 90+ impacted releases.  This patch was deployed to vulnerable stores automatically.

Our investigation into this vulnerability and whether data has been compromised is ongoing. We will be sharing more information with site owners on how to investigate this security vulnerability on their site, which we will publish on our blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.

There is additional information available in the recent announcement on the WooCommerce Blog.

How can I tell if this affects me?

This vulnerability affects releases of WooCommerce Blocks ranging from version 2.5 through version 5.5 and WooCommerce core versions 3.3 through version 5.5.  Any stores running a version of WooCommerce or WooCommerce Blocks within these ranges is considered vulnerable.

What action should I take?

While security patches are being deployed automatically to vulnerable stores, we still recommend updating to the latest version of these plugins, which is currently 5.5.1.

Reposted from WooCommerce.

WooCommerce 5.5.0 Released

by Leave a Comment

WooCommerce 5.5.0 is a minor release, and everything included should be backwards compatible with the previous version.

This release contains:

As always, we recommend creating a backup of your site and making sure that the themes and plugins are compatible before updating. You can check out this update guide for more information.

What’s new in 5.5?

  1. Action Scheduler 3.2.0 and 3.2.1. We have updated AS library from 3.1.6 to 3.2.1 in this release. This release comes with lots of fixes, along with an additional database index to speed up performance for sites with heavy traffic.
  2. PayPal standard will be hidden on new installs, please use our new extension PayPal instead. This change is only applicable for new installs, exisiting sites will continue to work as expected. Read our developer advisory about this change for more details.
  3. IE 11 support will not be available from this version.
  4. We have refactored the settings page infrastructure to allow for features like import/export of settings in future releases. Please check the related developer advisory.

These are just some of the changes included in this release. You can find more details in the WooCommerce 5.5.0 Beta 1 post, and complete changelog for all the packages in the changelog file.

Reposted from WooCommerce

WooCommerce 5.4.1 Fix Release

by Leave a Comment

Following today’s developer advisory, this release focuses on resolving issues caused as a result of the migration to jQuery 3.

Changelog

  • Fix – Update jQuery compatibility changes to trim functions to work with types other than string. (#30074)
  • Fix – Restores the option to load and copy addresses to orders edited in the dashboard. (#30076)

You can download the latest release of WooCommerce here or visit Dashboard → Updates to update the plugin from your WordPress admin screen.

Reported from WooCommerce

WooCommerce 5.4 Released

by Leave a Comment

The fifth minor release of 2021, WooCommerce 5.4, has been officially released! We’ve been hard at work and this release has

This is another minor release and so you should expect everything included to be backwards compatible with the previous version.

As always, we recommend creating a backup of your site and making sure that the themes and plugins are compatible before updating. You can check out this update guide for more information.

What’s new in 5.4?

  • jQuery 3 Compatibility: In preparation for WordPress Core’s plan to update jQuery, we have addressed our usage of it accordingly. (#29044)
  • WooCommerce Blocks 5.1.0: The package update includes 5.0.0 and 5.1.0. Please note that most content included in Blocks updates is not present in WooCommerce unless the WooCommerce Blocks feature plugin is active.
  • WooCommerce Admin 2.3.1: This package update includes a number of fixes and quality of life tweaks.

These are just some of the changes that are included in WooCommerce 5.4. You can find the complete changelog for this release in the changelog.txt file.

Compatibility Changes

Our aim is to maintain backwards compatibility through every release unless otherwise noted. This section contains any alternations that may be noteworthy for developers in pursuit of that.

REST API

We’ve added the dates_are_gmt parameter to coupon, product, and order collection endpoints. When true, this parameter causes the after and before date fields to check post_date_gmt instead of the local time variant.

Actions & Filters

There are no changes to actions or filters in this release.

Database

There are no database changes in this release.

Templates

There are no changes to templates in this release.

Reposted from WooCommerce

WordPress 5.7.2 Security Release

by Leave a Comment

WordPress 5.7.2 is now available.

This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.

WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8.

You can update to WordPress 5.7.2 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.

If you have sites that support automatic background updates, they’ve already started the update process.

Security Updates

One security issue affecting WordPress versions between 3.7 and 5.7. If you haven’t yet updated to 5.7, all WordPress versions since 3.7 have also been updated to fix the following security issue:

Thank you to the members of the WordPress security team for implementing these fixes in WordPress.

For more information refer to the version 5.7.2 HelpHub documentation page.

Reposted from WordPress

WooCommerce 5.3 Released

by Leave a Comment

We’re excited to announce that WooCommerce 5.3 is now released. This is the fourth minor release of 2021 and has

  1. 352 commits from 30 contributors in WooCommerce Core.
  2. 145 commits from 29 contributors in the WooCommerce Admin package.
  3. 59 commits from 12 contributors in the WooCommerce Gutenberg Products Block package.

This is a minor release, which means everything is backward compatible with the previous version.

As always, we recommend creating a backup of your site and making sure that the themes and plugins are compatible before updating. You can check out this update guide for more information.

What’s new in 5.3?

  1. WooCommerce Blocks 4.9.1: Blocks package has been updated to 4.9.1. Please take a look at the release posts for 4.8.04.9.0, and 4.9.1 to see what’s new and improved.
  2. WooCommerce Admin 2.2.6: WooCommerce Admin package has also been updated to 2.2.6 with this release of WooCommerce. This new package contains lots of bug fixes and stability improvements. The list of changes in the versions of WooCommerce Admin included since WooCommerce 5.2 can be found here.

You can find the complete changelog for this release in the changelog.txt file.

Filters and actions

This release has one new and one updated filter.

New Filter

FilterDescription
woocommerce_cart_product_not_enough_stock_already_in_cart_messageFilters message about product not having enough stock accounting for what’s already in the cart. #29304

Updated Filter

FilterDescription
woocommerce_logger_log_messageAdded the ability to specify a handler object, such as WC_Log_Handler_File#29572

Database changes

This release does not introduce any database changes.

Template changes

This release does not introduce any changes to templates.

Reposted from WooCommerce